From 724ac1b29eb4d23c44bda49b620734e532ffed87 Mon Sep 17 00:00:00 2001 From: Matt Boersma Date: Wed, 6 May 2026 08:41:36 -0600 Subject: [PATCH] Strip OpenAPI description fields from vendored ASO CRDs --- Makefile | 5 + config/aso/crds.yaml | 23850 ----------------------------------------- 2 files changed, 5 insertions(+), 23850 deletions(-) diff --git a/Makefile b/Makefile index 6371c2f0cee..027991eceaa 100644 --- a/Makefile +++ b/Makefile @@ -575,6 +575,10 @@ generate-addons: fetch-calico-manifests $(ENVSUBST) .PHONY: generate-aso-crds # The yq command filters the list of all ASO CRDs to just the ones specified by ASO_CRDS. +# The second yq command strips OpenAPI `description` fields from the schemas to keep +# the resulting CRDs small enough for API servers (e.g. EKS) that have tighter +# request-size or streaming-timeout budgets than kind/AKS. `description` is metadata +# only, so removing it does not affect validation. # The sed command changes '$$' to '$$$$' so once the CRDs get run through # envsubst, '$$$$' changes back to '$$' so ASO will not detect a diff and try to # update the CRDs for which we don't give it permission. @@ -582,6 +586,7 @@ generate-aso-crds: $(YQ) $(YQ) e -i '.resources[] |= sub("^(https://github\.com/Azure/azure-service-operator/releases/download/)[^/]+(/.*_).*(\.yaml)$$", "$${1}$(ASO_VERSION)$${2}$(ASO_VERSION)$${3}")' $(ROOT_DIR)/config/aso/kustomization.yaml curl -fSsL "https://github.com/Azure/azure-service-operator/releases/download/$(ASO_VERSION)/azureserviceoperator_customresourcedefinitions_$(ASO_VERSION).yaml" | \ $(YQ) e '. | select($(foreach name,$(ASO_CRDS),.metadata.name == "$(name)" or )false)' - | \ + $(YQ) e 'del(.. | select(has("description")).description)' - | \ sed 's/\$$\$$/$$$$$$$$/g' \ > $(ASO_CRDS_PATH) diff --git a/config/aso/crds.yaml b/config/aso/crds.yaml index 919afdecc63..f7533436137 100644 --- a/config/aso/crds.yaml +++ b/config/aso/crds.yaml 
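Review bot: The comment added in the first Makefile hunk calls the new stage "the second yq command", but the recipe in the next hunk invokes `$(YQ)` three times (the `e -i` edit of kustomization.yaml comes first), so the label is ambiguous. Naming the stage by its expression is clearer, for example `# The del(..) yq stage strips OpenAPI description fields from the schemas ...`. The comment should also record the trade-off that `kubectl explain` will no longer show field documentation for these CRDs, so the missing text is understood as deliberate.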
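Review bot: The added `del(.. | select(has("description")).description)` stage removes every map key named `description`, not only the OpenAPI annotation, so a schema property that is itself called `description` (a key under `properties:`) would lose its whole definition, and the API server would likely prune or reject that field. That would contradict the comment's claim that validation is unaffected. The visible hunks do not show whether any CRD in ASO_CRDS has such a property, but restricting the delete to string-valued keys avoids the risk, something like `$(YQ) e 'del(.. | select(has("description")) | select(.description | tag == "!!str") | .description)' - | \`. This is also one more stage in a pipe that writes straight to `$(ASO_CRDS_PATH)`, so a yq failure here is masked by sed's exit status unless the Makefile enables `pipefail` outside this hunk.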
@@ -48,112 +48,66 @@ spec: name: v1api20220701 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/bastionHost.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/bastionHosts/{bastionHostName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string disableCopyPaste: - description: 'DisableCopyPaste: Enable/Disable Copy/Paste feature of the Bastion Host resource.' type: boolean dnsName: - description: 'DnsName: FQDN for the endpoint on which bastion host is accessible.' type: string enableFileCopy: - description: 'EnableFileCopy: Enable/Disable File Copy feature of the Bastion Host resource.' type: boolean enableIpConnect: - description: 'EnableIpConnect: Enable/Disable IP Connect feature of the Bastion Host resource.' type: boolean enableShareableLink: - description: 'EnableShareableLink: Enable/Disable Shareable Link of the Bastion Host resource.' 
type: boolean enableTunneling: - description: 'EnableTunneling: Enable/Disable Tunneling feature of the Bastion Host resource.' type: boolean ipConfigurations: - description: 'IpConfigurations: IP configuration of the Bastion Host resource.' items: - description: IP configuration of an Bastion Host. properties: name: - description: 'Name: Name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateIPAllocationMethod: - description: 'PrivateIPAllocationMethod: Private IP allocation method.' enum: - Dynamic - Static type: string publicIPAddress: - description: 'PublicIPAddress: Reference of the PublicIP resource.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object subnet: - description: 'Subnet: Reference of the subnet resource.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -163,37 +117,17 @@ spec: type: object type: array location: - description: 'Location: Resource location.' type: string operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -201,29 +135,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -232,28 +150,20 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object scaleUnits: - description: 'ScaleUnits: The scale units for the Bastion Host resource.' maximum: 50 minimum: 2 type: integer sku: - description: 'Sku: The sku of this Bastion Host.' properties: name: - description: 'Name: The name of this Bastion Host.' enum: - Basic - Standard 
@@ -262,50 +172,30 @@ spec: tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object required: - owner type: object status: - description: Bastion Host resource. properties: conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -315,65 +205,46 @@ spec: type: object type: array disableCopyPaste: - description: 'DisableCopyPaste: Enable/Disable Copy/Paste feature of the Bastion Host resource.' type: boolean dnsName: - description: 'DnsName: FQDN for the endpoint on which bastion host is accessible.' type: string enableFileCopy: - description: 'EnableFileCopy: Enable/Disable File Copy feature of the Bastion Host resource.' type: boolean enableIpConnect: - description: 'EnableIpConnect: Enable/Disable IP Connect feature of the Bastion Host resource.' type: boolean enableShareableLink: - description: 'EnableShareableLink: Enable/Disable Shareable Link of the Bastion Host resource.' type: boolean enableTunneling: - description: 'EnableTunneling: Enable/Disable Tunneling feature of the Bastion Host resource.' type: boolean etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string id: - description: 'Id: Resource ID.' type: string ipConfigurations: - description: 'IpConfigurations: IP configuration of the Bastion Host resource.' items: - description: IP configuration of an Bastion Host. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array location: - description: 'Location: Resource location.' type: string name: - description: 'Name: Resource name.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the bastion host resource.' type: string scaleUnits: - description: 'ScaleUnits: The scale units for the Bastion Host resource.' type: integer sku: - description: 'Sku: The sku of this Bastion Host.' properties: name: - description: 'Name: The name of this Bastion Host.' type: string type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object type: - description: 'Type: Resource type.' type: string type: object type: object 
@@ -397,43 +268,20 @@ spec: name: v1api20220701storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20220701.BastionHost - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/bastionHost.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/bastionHosts/{bastionHostName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20220701.BastionHost_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string disableCopyPaste: type: boolean 
@@ -449,84 +297,50 @@ spec: type: boolean ipConfigurations: items: - description: |- - Storage version of v1api20220701.BastionHostIPConfiguration - IP configuration of an Bastion Host. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string privateIPAllocationMethod: type: string publicIPAddress: - description: |- - Storage version of v1api20220701.SubResource - Reference to another ARM resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object subnet: - description: |- - Storage version of v1api20220701.SubResource - Reference to another ARM resource. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -535,40 +349,19 @@ spec: location: type: string operatorSpec: - description: |- - Storage version of v1api20220701.BastionHostOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -577,27 +370,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -608,31 +386,20 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object scaleUnits: type: integer sku: - description: |- - Storage version of v1api20220701.Sku - The sku of this Bastion Host. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -645,52 +412,29 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20220701.BastionHost_STATUS - Bastion Host resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. 
type: string required: - lastTransitionTime @@ -717,16 +461,10 @@ spec: type: string ipConfigurations: items: - description: |- - Storage version of v1api20220701.BastionHostIPConfiguration_STATUS - IP configuration of an Bastion Host. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -741,16 +479,10 @@ spec: scaleUnits: type: integer sku: - description: |- - Storage version of v1api20220701.Sku_STATUS - The sku of this Bastion Host. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -783,118 +515,70 @@ spec: name: v1api20240301 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/bastionHost.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/bastionHosts/{bastionHostName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string disableCopyPaste: - description: 'DisableCopyPaste: Enable/Disable Copy/Paste feature of the Bastion Host resource.' type: boolean dnsName: - description: 'DnsName: FQDN for the endpoint on which bastion host is accessible.' type: string enableFileCopy: - description: 'EnableFileCopy: Enable/Disable File Copy feature of the Bastion Host resource.' type: boolean enableIpConnect: - description: 'EnableIpConnect: Enable/Disable IP Connect feature of the Bastion Host resource.' type: boolean enableKerberos: - description: 'EnableKerberos: Enable/Disable Kerberos feature of the Bastion Host resource.' 
type: boolean enableSessionRecording: - description: 'EnableSessionRecording: Enable/Disable Session Recording feature of the Bastion Host resource.' type: boolean enableShareableLink: - description: 'EnableShareableLink: Enable/Disable Shareable Link of the Bastion Host resource.' type: boolean enableTunneling: - description: 'EnableTunneling: Enable/Disable Tunneling feature of the Bastion Host resource.' type: boolean ipConfigurations: - description: 'IpConfigurations: IP configuration of the Bastion Host resource.' items: - description: IP configuration of an Bastion Host. properties: name: - description: 'Name: Name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateIPAllocationMethod: - description: 'PrivateIPAllocationMethod: Private IP allocation method.' enum: - Dynamic - Static type: string publicIPAddress: - description: 'PublicIPAddress: Reference of the PublicIP resource.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object subnet: - description: 'Subnet: Reference of the subnet resource.' properties: reference: - description: 'Reference: Resource ID.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -904,49 +588,27 @@ spec: type: object type: array location: - description: 'Location: Resource location.' type: string networkAcls: properties: ipRules: - description: 'IpRules: Sets the IP ACL rules for Developer Bastion Host.' items: properties: addressPrefix: - description: 'AddressPrefix: Specifies the IP or IP range in CIDR format. Only IPV4 address is allowed.' type: string type: object type: array type: object operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -954,29 +616,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -985,28 +631,20 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object scaleUnits: - description: 'ScaleUnits: The scale units for the Bastion Host resource.' maximum: 50 minimum: 2 type: integer sku: - description: 'Sku: The sku of this Bastion Host.' properties: name: - description: 'Name: The name of the sku of this Bastion Host.' enum: - Basic - Developer 
@@ -1017,34 +655,23 @@ spec: tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object virtualNetwork: - description: 'VirtualNetwork: Reference to an existing virtual network required for Developer Bastion Host only.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object zones: - description: 'Zones: A list of availability zones denoting where the resource needs to come from.' items: type: string type: array 
@@ -1052,44 +679,25 @@ spec: - owner type: object status: - description: Bastion Host resource. properties: conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -1099,93 +707,67 @@ spec: type: object type: array disableCopyPaste: - description: 'DisableCopyPaste: Enable/Disable Copy/Paste feature of the Bastion Host resource.' type: boolean dnsName: - description: 'DnsName: FQDN for the endpoint on which bastion host is accessible.' type: string enableFileCopy: - description: 'EnableFileCopy: Enable/Disable File Copy feature of the Bastion Host resource.' type: boolean enableIpConnect: - description: 'EnableIpConnect: Enable/Disable IP Connect feature of the Bastion Host resource.' type: boolean enableKerberos: - description: 'EnableKerberos: Enable/Disable Kerberos feature of the Bastion Host resource.' type: boolean enableSessionRecording: - description: 'EnableSessionRecording: Enable/Disable Session Recording feature of the Bastion Host resource.' type: boolean enableShareableLink: - description: 'EnableShareableLink: Enable/Disable Shareable Link of the Bastion Host resource.' type: boolean enableTunneling: - description: 'EnableTunneling: Enable/Disable Tunneling feature of the Bastion Host resource.' type: boolean etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string id: - description: 'Id: Resource ID.' type: string ipConfigurations: - description: 'IpConfigurations: IP configuration of the Bastion Host resource.' items: - description: IP configuration of an Bastion Host. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array location: - description: 'Location: Resource location.' type: string name: - description: 'Name: Resource name.' type: string networkAcls: properties: ipRules: - description: 'IpRules: Sets the IP ACL rules for Developer Bastion Host.' items: properties: addressPrefix: - description: 'AddressPrefix: Specifies the IP or IP range in CIDR format. Only IPV4 address is allowed.' 
type: string type: object type: array type: object provisioningState: - description: 'ProvisioningState: The provisioning state of the bastion host resource.' type: string scaleUnits: - description: 'ScaleUnits: The scale units for the Bastion Host resource.' type: integer sku: - description: 'Sku: The sku of this Bastion Host.' properties: name: - description: 'Name: The name of the sku of this Bastion Host.' type: string type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object type: - description: 'Type: Resource type.' type: string virtualNetwork: - description: 'VirtualNetwork: Reference to an existing virtual network required for Developer Bastion Host only.' properties: id: - description: 'Id: Resource ID.' type: string type: object zones: - description: 'Zones: A list of availability zones denoting where the resource needs to come from.' items: type: string type: array 
@@ -1211,43 +793,20 @@ spec: name: v1api20240301storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20240301.BastionHost - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/bastionHost.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/bastionHosts/{bastionHostName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20240301.BastionHost_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string disableCopyPaste: type: boolean 
@@ -1267,84 +826,50 @@ spec: type: boolean ipConfigurations: items: - description: |- - Storage version of v1api20240301.BastionHostIPConfiguration - IP configuration of an Bastion Host. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string privateIPAllocationMethod: type: string publicIPAddress: - description: |- - Storage version of v1api20240301.SubResource - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object subnet: - description: |- - Storage version of v1api20240301.SubResource - Reference to another subresource. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object @@ -1353,25 +878,17 @@ spec: location: type: string networkAcls: - description: Storage version of v1api20240301.BastionHostPropertiesFormat_NetworkAcls properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipRules: items: - description: Storage version of v1api20240301.IPRule properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressPrefix: type: string 
@@ -1379,40 +896,19 @@ spec: type: array type: object operatorSpec: - description: |- - Storage version of v1api20240301.BastionHostOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -1421,27 +917,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -1452,31 +933,20 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object scaleUnits: type: integer sku: - description: |- - Storage version of v1api20240301.Sku - The sku of this Bastion Host. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -1486,35 +956,21 @@ spec: type: string type: object virtualNetwork: - description: |- - Storage version of v1api20240301.SubResource - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -1526,52 +982,29 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20240301.BastionHost_STATUS - Bastion Host resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. 
type: string required: - lastTransitionTime @@ -1602,16 +1035,10 @@ spec: type: string ipConfigurations: items: - description: |- - Storage version of v1api20240301.BastionHostIPConfiguration_STATUS - IP configuration of an Bastion Host. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -1622,25 +1049,17 @@ spec: name: type: string networkAcls: - description: Storage version of v1api20240301.BastionHostPropertiesFormat_NetworkAcls_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipRules: items: - description: Storage version of v1api20240301.IPRule_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressPrefix: type: string @@ -1652,16 +1071,10 @@ spec: scaleUnits: type: integer sku: - description: |- - Storage version of v1api20240301.Sku_STATUS - The sku of this Bastion Host. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -1673,16 +1086,10 @@ spec: type: type: string virtualNetwork: - description: |- - Storage version of v1api20240301.SubResource_STATUS - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -1748,57 +1155,30 @@ spec: name: v1api20230501 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /kubernetesconfiguration/resource-manager/Microsoft.KubernetesConfiguration/stable/2023-05-01/extensions.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{clusterRp}/{clusterResourceName}/{clusterName}/providers/Microsoft.KubernetesConfiguration/extensions/{extensionName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: aksAssignedIdentity: - description: 'AksAssignedIdentity: Identity of the Extension resource in an AKS cluster' properties: type: - description: 'Type: The identity type.' enum: - SystemAssigned - UserAssigned type: string type: object autoUpgradeMinorVersion: - description: 'AutoUpgradeMinorVersion: Flag to note if this extension participates in auto upgrade of minor version, or not.' type: boolean azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string configurationProtectedSettings: - description: |- - ConfigurationProtectedSettings: Configuration settings that are sensitive, as name-value pairs for configuring this - extension. 
properties: name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - name 
@@ -1806,51 +1186,26 @@ spec: configurationSettings: additionalProperties: type: string - description: 'ConfigurationSettings: Configuration settings, as name-value pairs for configuring this extension.' type: object extensionType: - description: |- - ExtensionType: Type of the Extension, of which this resource is an instance of. It must be one of the Extension Types - registered with Microsoft.KubernetesConfiguration by the Extension publisher. type: string identity: - description: 'Identity: Identity of the Extension resource' properties: type: - description: 'Type: The identity type.' enum: - SystemAssigned type: string type: object operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -1858,18 +1213,12 @@ spec: type: object type: array configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' properties: principalId: - description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -1877,29 +1226,13 @@ spec: type: object type: object secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -1908,44 +1241,28 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an - extension resource, which means that any other Azure resource can be its owner. properties: armId: - description: Ownership across namespaces is not supported. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object plan: - description: 'Plan: The plan information.' properties: name: - description: 'Name: A user defined name of the 3rd Party Artifact that is being procured.' type: string product: - description: |- - Product: The 3rd Party artifact that is being procured. E.g. NewRelic. Product maps to the OfferID specified for the - artifact at the time of Data Market onboarding. type: string promotionCode: - description: 'PromotionCode: A publisher provided promotion code as provisioned in Data Market for the said product/artifact.' type: string publisher: - description: 'Publisher: The publisher of the 3rd Party Artifact that is being bought. E.g. NewRelic' type: string version: - description: 'Version: The version of the desired product/artifact.' type: string required: - name 
@@ -1953,45 +1270,27 @@ spec: - publisher type: object releaseTrain: - description: |- - ReleaseTrain: ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if - autoUpgradeMinorVersion is 'true'. type: string scope: - description: 'Scope: Scope at which the extension is installed.' properties: cluster: - description: 'Cluster: Specifies that the scope of the extension is Cluster' properties: releaseNamespace: - description: |- - ReleaseNamespace: Namespace where the extension Release must be placed, for a Cluster scoped extension. If this - namespace does not exist, it will be created type: string type: object namespace: - description: 'Namespace: Specifies that the scope of the extension is Namespace' properties: targetNamespace: - description: |- - TargetNamespace: Namespace where the extension will be created for an Namespace scoped extension. If this namespace - does not exist, it will be created type: string type: object type: object systemData: - description: |- - SystemData: Top level metadata - https://github.com/Azure/azure-resource-manager-rpc/blob/master/v1.0/common-api-contracts.md#system-metadata-for-all-azure-resources properties: createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' type: string createdBy: - description: 'CreatedBy: The identity that created the resource.' type: string createdByType: - description: 'CreatedByType: The type of identity that created the resource.' enum: - Application - Key @@ -1999,13 +1298,10 @@ spec: - User type: string lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' type: string lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' type: string lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' enum: - Application - Key 
@@ -2014,68 +1310,41 @@ spec: type: string type: object version: - description: |- - Version: User-specified version of the extension for this extension to 'pin'. To use 'version', autoUpgradeMinorVersion - must be 'false'. type: string required: - owner type: object status: - description: The Extension object. properties: aksAssignedIdentity: - description: 'AksAssignedIdentity: Identity of the Extension resource in an AKS cluster' properties: principalId: - description: 'PrincipalId: The principal ID of resource identity.' type: string tenantId: - description: 'TenantId: The tenant ID of resource.' type: string type: - description: 'Type: The identity type.' type: string type: object autoUpgradeMinorVersion: - description: 'AutoUpgradeMinorVersion: Flag to note if this extension participates in auto upgrade of minor version, or not.' type: boolean conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. 
- For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -2087,217 +1356,141 @@ spec: configurationProtectedSettings: additionalProperties: type: string - description: |- - ConfigurationProtectedSettings: Configuration settings that are sensitive, as name-value pairs for configuring this - extension. type: object configurationSettings: additionalProperties: type: string - description: 'ConfigurationSettings: Configuration settings, as name-value pairs for configuring this extension.' type: object currentVersion: - description: 'CurrentVersion: Currently installed version of the extension.' type: string customLocationSettings: additionalProperties: type: string - description: 'CustomLocationSettings: Custom Location settings properties.' type: object errorInfo: - description: 'ErrorInfo: Error information from the Agent - e.g. errors during installation.' properties: additionalInfo: - description: 'AdditionalInfo: The error additional info.' items: - description: The resource management error additional info. properties: info: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' type: object type: - description: 'Type: The additional info type.' type: string type: object type: array code: - description: 'Code: The error code.' type: string details: - description: 'Details: The error details.' items: properties: additionalInfo: - description: 'AdditionalInfo: The error additional info.' items: - description: The resource management error additional info. properties: info: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' type: object type: - description: 'Type: The additional info type.' type: string type: object type: array code: - description: 'Code: The error code.' type: string message: - description: 'Message: The error message.' type: string target: - description: 'Target: The error target.' type: string type: object type: array message: - description: 'Message: The error message.' 
type: string target: - description: 'Target: The error target.' type: string type: object extensionType: - description: |- - ExtensionType: Type of the Extension, of which this resource is an instance of. It must be one of the Extension Types - registered with Microsoft.KubernetesConfiguration by the Extension publisher. type: string id: - description: |- - Id: Fully qualified resource ID for the resource. Ex - - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} type: string identity: - description: 'Identity: Identity of the Extension resource' properties: principalId: - description: 'PrincipalId: The principal ID of resource identity.' type: string tenantId: - description: 'TenantId: The tenant ID of resource.' type: string type: - description: 'Type: The identity type.' type: string type: object isSystemExtension: - description: 'IsSystemExtension: Flag to note if this extension is a system extension' type: boolean name: - description: 'Name: The name of the resource' type: string packageUri: - description: 'PackageUri: Uri of the Helm package' type: string plan: - description: 'Plan: The plan information.' properties: name: - description: 'Name: A user defined name of the 3rd Party Artifact that is being procured.' type: string product: - description: |- - Product: The 3rd Party artifact that is being procured. E.g. NewRelic. Product maps to the OfferID specified for the - artifact at the time of Data Market onboarding. type: string promotionCode: - description: 'PromotionCode: A publisher provided promotion code as provisioned in Data Market for the said product/artifact.' type: string publisher: - description: 'Publisher: The publisher of the 3rd Party Artifact that is being bought. E.g. NewRelic' type: string version: - description: 'Version: The version of the desired product/artifact.' 
type: string type: object provisioningState: - description: 'ProvisioningState: Status of installation of this extension.' type: string releaseTrain: - description: |- - ReleaseTrain: ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if - autoUpgradeMinorVersion is 'true'. type: string scope: - description: 'Scope: Scope at which the extension is installed.' properties: cluster: - description: 'Cluster: Specifies that the scope of the extension is Cluster' properties: releaseNamespace: - description: |- - ReleaseNamespace: Namespace where the extension Release must be placed, for a Cluster scoped extension. If this - namespace does not exist, it will be created type: string type: object namespace: - description: 'Namespace: Specifies that the scope of the extension is Namespace' properties: targetNamespace: - description: |- - TargetNamespace: Namespace where the extension will be created for an Namespace scoped extension. If this namespace - does not exist, it will be created type: string type: object type: object statuses: - description: 'Statuses: Status from this extension.' items: - description: Status from the extension. properties: code: - description: 'Code: Status code provided by the Extension' type: string displayStatus: - description: 'DisplayStatus: Short description of status of the extension.' type: string level: - description: 'Level: Level of the status.' type: string message: - description: 'Message: Detailed message of the status from the Extension.' type: string time: - description: 'Time: DateLiteral (per ISO8601) noting the time of installation status.' type: string type: object type: array systemData: - description: |- - SystemData: Top level metadata - https://github.com/Azure/azure-resource-manager-rpc/blob/master/v1.0/common-api-contracts.md#system-metadata-for-all-azure-resources properties: createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' 
type: string createdBy: - description: 'CreatedBy: The identity that created the resource.' type: string createdByType: - description: 'CreatedByType: The type of identity that created the resource.' type: string lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' type: string lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' type: string lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' type: string type: object type: - description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' type: string version: - description: |- - Version: User-specified version of the extension for this extension to 'pin'. To use 'version', autoUpgradeMinorVersion - must be 'false'. type: string type: object type: object 
@@ -2321,48 +1514,24 @@ spec: name: v1api20230501storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20230501.Extension - Generator information: - - Generated from: /kubernetesconfiguration/resource-manager/Microsoft.KubernetesConfiguration/stable/2023-05-01/extensions.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{clusterRp}/{clusterResourceName}/{clusterName}/providers/Microsoft.KubernetesConfiguration/extensions/{extensionName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20230501.Extension_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aksAssignedIdentity: - description: Storage version of v1api20230501.Extension_Properties_AksAssignedIdentity_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object type: type: string 
@@ -2370,19 +1539,10 @@ spec: autoUpgradeMinorVersion: type: boolean azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string configurationProtectedSettings: - description: |- - SecretMapReference is a reference to a Kubernetes secret in the same namespace as - the resource it is on. properties: name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - name 
@@ -2394,55 +1554,28 @@ spec: extensionType: type: string identity: - description: |- - Storage version of v1api20230501.Identity - Identity for the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object type: type: string type: object operatorSpec: - description: |- - Storage version of v1api20230501.ExtensionOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -2450,28 +1583,16 @@ spec: type: object type: array configMaps: - description: Storage version of v1api20230501.ExtensionOperatorConfigMaps properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object principalId: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to: SecretDestination in secrets.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -2480,27 +1601,12 @@ spec: type: object secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -2511,36 +1617,22 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an - extension resource, which means that any other Azure resource can be its owner. properties: armId: - description: Ownership across namespaces is not supported. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object plan: - description: |- - Storage version of v1api20230501.Plan - Plan for the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -2556,59 +1648,35 @@ spec: releaseTrain: type: string scope: - description: |- - Storage version of v1api20230501.Scope - Scope of the extension. It can be either Cluster or Namespace; but not both. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object cluster: - description: |- - Storage version of v1api20230501.ScopeCluster - Specifies that the scope of the extension is Cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object releaseNamespace: type: string type: object namespace: - description: |- - Storage version of v1api20230501.ScopeNamespace - Specifies that the scope of the extension is Namespace properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object targetNamespace: type: string type: object type: object systemData: - description: |- - Storage version of v1api20230501.SystemData - Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object createdAt: type: string 
@@ -2629,26 +1697,16 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20230501.Extension_STATUS - The Extension object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aksAssignedIdentity: - description: Storage version of v1api20230501.Extension_Properties_AksAssignedIdentity_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object principalId: type: string 
@@ -2661,39 +1719,22 @@ spec: type: boolean conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -2717,29 +1758,17 @@ spec: type: string type: object errorInfo: - description: |- - Storage version of v1api20230501.ErrorDetail_STATUS - The error detail. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: |- - Storage version of v1api20230501.ErrorAdditionalInfo_STATUS - The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: @@ -2753,27 +1782,17 @@ spec: type: string details: items: - description: Storage version of v1api20230501.ErrorDetail_STATUS_Unrolled properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: |- - Storage version of v1api20230501.ErrorAdditionalInfo_STATUS - The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: 
@@ -2801,16 +1820,10 @@ spec: id: type: string identity: - description: |- - Storage version of v1api20230501.Identity_STATUS - Identity for the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object principalId: type: string @@ -2826,16 +1839,10 @@ spec: packageUri: type: string plan: - description: |- - Storage version of v1api20230501.Plan_STATUS - Plan for the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -2853,43 +1860,25 @@ spec: releaseTrain: type: string scope: - description: |- - Storage version of v1api20230501.Scope_STATUS - Scope of the extension. It can be either Cluster or Namespace; but not both. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object cluster: - description: |- - Storage version of v1api20230501.ScopeCluster_STATUS - Specifies that the scope of the extension is Cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object releaseNamespace: type: string type: object namespace: - description: |- - Storage version of v1api20230501.ScopeNamespace_STATUS - Specifies that the scope of the extension is Namespace properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object targetNamespace: type: string @@ -2897,16 +1886,10 @@ spec: type: object statuses: items: - description: |- - Storage version of v1api20230501.ExtensionStatus_STATUS - Status from the extension. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string 
@@ -2921,16 +1904,10 @@ spec: type: object type: array systemData: - description: |- - Storage version of v1api20230501.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object createdAt: type: string 
@@ -2971,57 +1948,30 @@ spec: name: v1api20241101 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /kubernetesconfiguration/resource-manager/Microsoft.KubernetesConfiguration/extensions/stable/2024-11-01/extensions.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{clusterRp}/{clusterResourceName}/{clusterName}/providers/Microsoft.KubernetesConfiguration/extensions/{extensionName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: aksAssignedIdentity: - description: 'AksAssignedIdentity: Identity of the Extension resource in an AKS cluster' properties: type: - description: 'Type: The identity type.' enum: - SystemAssigned - UserAssigned type: string type: object autoUpgradeMinorVersion: - description: 'AutoUpgradeMinorVersion: Flag to note if this extension participates in auto upgrade of minor version, or not.' type: boolean azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string configurationProtectedSettings: - description: |- - ConfigurationProtectedSettings: Configuration settings that are sensitive, as name-value pairs for configuring this - extension. 
properties: name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - name 
@@ -3029,51 +1979,26 @@ spec: configurationSettings: additionalProperties: type: string - description: 'ConfigurationSettings: Configuration settings, as name-value pairs for configuring this extension.' type: object extensionType: - description: |- - ExtensionType: Type of the Extension, of which this resource is an instance of. It must be one of the Extension Types - registered with Microsoft.KubernetesConfiguration by the Extension publisher. type: string identity: - description: 'Identity: Identity of the Extension resource' properties: type: - description: 'Type: The identity type.' enum: - SystemAssigned type: string type: object operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -3081,18 +2006,12 @@ spec: type: object type: array configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' properties: principalId: - description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -3100,29 +2019,13 @@ spec: type: object type: object secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -3131,44 +2034,28 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an - extension resource, which means that any other Azure resource can be its owner. properties: armId: - description: Ownership across namespaces is not supported. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object plan: - description: 'Plan: The plan information.' properties: name: - description: 'Name: A user defined name of the 3rd Party Artifact that is being procured.' type: string product: - description: |- - Product: The 3rd Party artifact that is being procured. E.g. NewRelic. Product maps to the OfferID specified for the - artifact at the time of Data Market onboarding. type: string promotionCode: - description: 'PromotionCode: A publisher provided promotion code as provisioned in Data Market for the said product/artifact.' type: string publisher: - description: 'Publisher: The publisher of the 3rd Party Artifact that is being bought. E.g. NewRelic' type: string version: - description: 'Version: The version of the desired product/artifact.' type: string required: - name 
@@ -3176,45 +2063,27 @@ spec: - publisher type: object releaseTrain: - description: |- - ReleaseTrain: ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if - autoUpgradeMinorVersion is 'true'. type: string scope: - description: 'Scope: Scope at which the extension is installed.' properties: cluster: - description: 'Cluster: Specifies that the scope of the extension is Cluster' properties: releaseNamespace: - description: |- - ReleaseNamespace: Namespace where the extension Release must be placed, for a Cluster scoped extension. If this - namespace does not exist, it will be created type: string type: object namespace: - description: 'Namespace: Specifies that the scope of the extension is Namespace' properties: targetNamespace: - description: |- - TargetNamespace: Namespace where the extension will be created for an Namespace scoped extension. If this namespace - does not exist, it will be created type: string type: object type: object systemData: - description: |- - SystemData: Top level metadata - https://github.com/Azure/azure-resource-manager-rpc/blob/master/v1.0/common-api-contracts.md#system-metadata-for-all-azure-resources properties: createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' type: string createdBy: - description: 'CreatedBy: The identity that created the resource.' type: string createdByType: - description: 'CreatedByType: The type of identity that created the resource.' enum: - Application - Key @@ -3222,13 +2091,10 @@ spec: - User type: string lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' type: string lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' type: string lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' enum: - Application - Key 
@@ -3237,68 +2103,41 @@ spec: type: string type: object version: - description: |- - Version: User-specified version of the extension for this extension to 'pin'. To use 'version', autoUpgradeMinorVersion - must be 'false'. type: string required: - owner type: object status: - description: The Extension object. properties: aksAssignedIdentity: - description: 'AksAssignedIdentity: Identity of the Extension resource in an AKS cluster' properties: principalId: - description: 'PrincipalId: The principal ID of resource identity.' type: string tenantId: - description: 'TenantId: The tenant ID of resource.' type: string type: - description: 'Type: The identity type.' type: string type: object autoUpgradeMinorVersion: - description: 'AutoUpgradeMinorVersion: Flag to note if this extension participates in auto upgrade of minor version, or not.' type: boolean conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. 
- For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -3310,214 +2149,139 @@ spec: configurationProtectedSettings: additionalProperties: type: string - description: |- - ConfigurationProtectedSettings: Configuration settings that are sensitive, as name-value pairs for configuring this - extension. type: object configurationSettings: additionalProperties: type: string - description: 'ConfigurationSettings: Configuration settings, as name-value pairs for configuring this extension.' type: object currentVersion: - description: 'CurrentVersion: Currently installed version of the extension.' type: string customLocationSettings: additionalProperties: type: string - description: 'CustomLocationSettings: Custom Location settings properties.' type: object errorInfo: - description: 'ErrorInfo: Error information from the Agent - e.g. errors during installation.' properties: additionalInfo: - description: 'AdditionalInfo: The error additional info.' items: - description: The resource management error additional info. properties: info: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' type: object type: - description: 'Type: The additional info type.' type: string type: object type: array code: - description: 'Code: The error code.' type: string details: - description: 'Details: The error details.' items: properties: additionalInfo: - description: 'AdditionalInfo: The error additional info.' items: - description: The resource management error additional info. properties: info: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' type: object type: - description: 'Type: The additional info type.' type: string type: object type: array code: - description: 'Code: The error code.' type: string message: - description: 'Message: The error message.' type: string target: - description: 'Target: The error target.' type: string type: object type: array message: - description: 'Message: The error message.' 
type: string target: - description: 'Target: The error target.' type: string type: object extensionType: - description: |- - ExtensionType: Type of the Extension, of which this resource is an instance of. It must be one of the Extension Types - registered with Microsoft.KubernetesConfiguration by the Extension publisher. type: string id: - description: |- - Id: Fully qualified resource ID for the resource. Ex - - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} type: string identity: - description: 'Identity: Identity of the Extension resource' properties: principalId: - description: 'PrincipalId: The principal ID of resource identity.' type: string tenantId: - description: 'TenantId: The tenant ID of resource.' type: string type: - description: 'Type: The identity type.' type: string type: object isSystemExtension: - description: 'IsSystemExtension: Flag to note if this extension is a system extension' type: boolean name: - description: 'Name: The name of the resource' type: string packageUri: - description: 'PackageUri: Uri of the Helm package' type: string plan: - description: 'Plan: The plan information.' properties: name: - description: 'Name: A user defined name of the 3rd Party Artifact that is being procured.' type: string product: - description: |- - Product: The 3rd Party artifact that is being procured. E.g. NewRelic. Product maps to the OfferID specified for the - artifact at the time of Data Market onboarding. type: string promotionCode: - description: 'PromotionCode: A publisher provided promotion code as provisioned in Data Market for the said product/artifact.' type: string publisher: - description: 'Publisher: The publisher of the 3rd Party Artifact that is being bought. E.g. NewRelic' type: string version: - description: 'Version: The version of the desired product/artifact.' 
type: string type: object releaseTrain: - description: |- - ReleaseTrain: ReleaseTrain this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.) - only if - autoUpgradeMinorVersion is 'true'. type: string scope: - description: 'Scope: Scope at which the extension is installed.' properties: cluster: - description: 'Cluster: Specifies that the scope of the extension is Cluster' properties: releaseNamespace: - description: |- - ReleaseNamespace: Namespace where the extension Release must be placed, for a Cluster scoped extension. If this - namespace does not exist, it will be created type: string type: object namespace: - description: 'Namespace: Specifies that the scope of the extension is Namespace' properties: targetNamespace: - description: |- - TargetNamespace: Namespace where the extension will be created for an Namespace scoped extension. If this namespace - does not exist, it will be created type: string type: object type: object statuses: - description: 'Statuses: Status from this extension.' items: - description: Status from the extension. properties: code: - description: 'Code: Status code provided by the Extension' type: string displayStatus: - description: 'DisplayStatus: Short description of status of the extension.' type: string level: - description: 'Level: Level of the status.' type: string message: - description: 'Message: Detailed message of the status from the Extension.' type: string time: - description: 'Time: DateLiteral (per ISO8601) noting the time of installation status.' type: string type: object type: array systemData: - description: |- - SystemData: Top level metadata - https://github.com/Azure/azure-resource-manager-rpc/blob/master/v1.0/common-api-contracts.md#system-metadata-for-all-azure-resources properties: createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' type: string createdBy: - description: 'CreatedBy: The identity that created the resource.' 
type: string createdByType: - description: 'CreatedByType: The type of identity that created the resource.' type: string lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' type: string lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' type: string lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' type: string type: object type: - description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' type: string version: - description: |- - Version: User-specified version of the extension for this extension to 'pin'. To use 'version', autoUpgradeMinorVersion - must be 'false'. type: string type: object type: object 
@@ -3541,48 +2305,24 @@ spec: name: v1api20241101storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20241101.Extension - Generator information: - - Generated from: /kubernetesconfiguration/resource-manager/Microsoft.KubernetesConfiguration/extensions/stable/2024-11-01/extensions.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{clusterRp}/{clusterResourceName}/{clusterName}/providers/Microsoft.KubernetesConfiguration/extensions/{extensionName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20241101.Extension_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aksAssignedIdentity: - description: Storage version of v1api20241101.Extension_Properties_AksAssignedIdentity_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object type: type: string 
@@ -3590,19 +2330,10 @@ spec: autoUpgradeMinorVersion: type: boolean azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string configurationProtectedSettings: - description: |- - SecretMapReference is a reference to a Kubernetes secret in the same namespace as - the resource it is on. properties: name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - name 
@@ -3614,55 +2345,28 @@ spec: extensionType: type: string identity: - description: |- - Storage version of v1api20241101.Identity - Identity for the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object type: type: string type: object operatorSpec: - description: |- - Storage version of v1api20241101.ExtensionOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -3670,28 +2374,16 @@ spec: type: object type: array configMaps: - description: Storage version of v1api20241101.ExtensionOperatorConfigMaps properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object principalId: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to: SecretDestination in secrets.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -3700,27 +2392,12 @@ spec: type: object secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -3731,36 +2408,22 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an - extension resource, which means that any other Azure resource can be its owner. properties: armId: - description: Ownership across namespaces is not supported. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object plan: - description: |- - Storage version of v1api20241101.Plan - Plan for the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -3776,59 +2439,35 @@ spec: releaseTrain: type: string scope: - description: |- - Storage version of v1api20241101.Scope - Scope of the extension. It can be either Cluster or Namespace; but not both. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object cluster: - description: |- - Storage version of v1api20241101.ScopeCluster - Specifies that the scope of the extension is Cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object releaseNamespace: type: string type: object namespace: - description: |- - Storage version of v1api20241101.ScopeNamespace - Specifies that the scope of the extension is Namespace properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object targetNamespace: type: string type: object type: object systemData: - description: |- - Storage version of v1api20241101.SystemData - Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object createdAt: type: string 
@@ -3849,26 +2488,16 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20241101.Extension_STATUS - The Extension object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aksAssignedIdentity: - description: Storage version of v1api20241101.Extension_Properties_AksAssignedIdentity_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object principalId: type: string 
@@ -3881,39 +2510,22 @@ spec: type: boolean conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -3937,29 +2549,17 @@ spec: type: string type: object errorInfo: - description: |- - Storage version of v1api20241101.ErrorDetail_STATUS - The error detail. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: |- - Storage version of v1api20241101.ErrorAdditionalInfo_STATUS - The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: @@ -3973,27 +2573,17 @@ spec: type: string details: items: - description: Storage version of v1api20241101.ErrorDetail_STATUS_Unrolled properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: |- - Storage version of v1api20241101.ErrorAdditionalInfo_STATUS - The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: 
@@ -4021,16 +2611,10 @@ spec: id: type: string identity: - description: |- - Storage version of v1api20241101.Identity_STATUS - Identity for the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object principalId: type: string @@ -4046,16 +2630,10 @@ spec: packageUri: type: string plan: - description: |- - Storage version of v1api20241101.Plan_STATUS - Plan for the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -4071,43 +2649,25 @@ spec: releaseTrain: type: string scope: - description: |- - Storage version of v1api20241101.Scope_STATUS - Scope of the extension. It can be either Cluster or Namespace; but not both. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object cluster: - description: |- - Storage version of v1api20241101.ScopeCluster_STATUS - Specifies that the scope of the extension is Cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object releaseNamespace: type: string type: object namespace: - description: |- - Storage version of v1api20241101.ScopeNamespace_STATUS - Specifies that the scope of the extension is Namespace properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object targetNamespace: type: string @@ -4115,16 +2675,10 @@ spec: type: object statuses: items: - description: |- - Storage version of v1api20241101.ExtensionStatus_STATUS - Status from the extension. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string 
@@ -4139,16 +2693,10 @@ spec: type: object type: array systemData: - description: |- - Storage version of v1api20241101.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object createdAt: type: string 
@@ -4224,96 +2772,47 @@ spec: name: v1api20230315preview schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/fleet/preview/2023-03-15-preview/fleets.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{fleetMemberName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. maxLength: 50 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string clusterResourceReference: - description: |- - ClusterResourceReference: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. - e.g.: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object group: - description: 'Group: The group this member belongs to for multi-cluster update management.' maxLength: 50 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. 
type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -4321,29 +2820,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -4352,16 +2835,11 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/Fleet resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object required: 
@@ -4371,46 +2849,25 @@ spec: status: properties: clusterResourceId: - description: |- - ClusterResourceId: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. e.g.: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. type: string conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -4420,50 +2877,31 @@ spec: type: object type: array eTag: - description: |- - ETag: If eTag is provided in the response body, it may also be provided as a header per the normal etag convention. - Entity tags are used for comparing two or more entities from the same requested resource. HTTP/1.1 uses entity tags in - the etag (section 14.19), If-Match (section 14.24), If-None-Match (section 14.26), and If-Range (section 14.27) header - fields. type: string group: - description: 'Group: The group this member belongs to for multi-cluster update management.' type: string id: - description: |- - Id: Fully qualified resource ID for the resource. Ex - - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} type: string name: - description: 'Name: The name of the resource' type: string provisioningState: - description: 'ProvisioningState: The status of the last operation.' type: string systemData: - description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' properties: createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' type: string createdBy: - description: 'CreatedBy: The identity that created the resource.' type: string createdByType: - description: 'CreatedByType: The type of identity that created the resource.' type: string lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' type: string lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' type: string lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' type: string type: object type: - description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' type: string type: object type: object 
@@ -4487,104 +2925,49 @@ spec: name: v1api20230315previewstorage schema: openAPIV3Schema: - description: |- - Storage version of v1api20230315preview.FleetsMember - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/fleet/preview/2023-03-15-preview/fleets.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{fleetMemberName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20230315preview.FleetsMember_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string clusterResourceReference: - description: |- - ClusterResourceReference: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. 
- e.g.: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object group: type: string operatorSpec: - description: |- - Storage version of v1api20230315preview.FleetsMemberOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -4593,27 +2976,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -4624,16 +2992,11 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/Fleet resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object required: 
@@ -4641,52 +3004,31 @@ spec: - owner type: object status: - description: Storage version of v1api20230315preview.FleetsMember_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clusterResourceId: type: string conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. 
type: string required: - lastTransitionTime @@ -4706,16 +3048,10 @@ spec: provisioningState: type: string systemData: - description: |- - Storage version of v1api20230315preview.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object createdAt: type: string 
@@ -4754,96 +3090,47 @@ spec: name: v1api20250301 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/fleet/stable/2025-03-01/fleets.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{fleetMemberName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. maxLength: 50 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string clusterResourceReference: - description: |- - ClusterResourceReference: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. - e.g.: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object group: - description: 'Group: The group this member belongs to for multi-cluster update management.' maxLength: 50 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. 
type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -4851,29 +3138,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -4882,16 +3153,11 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/Fleet resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object required: 
@@ -4901,46 +3167,25 @@ spec: status: properties: clusterResourceId: - description: |- - ClusterResourceId: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. e.g.: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. type: string conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -4950,115 +3195,78 @@ spec: type: object type: array eTag: - description: |- - ETag: If eTag is provided in the response body, it may also be provided as a header per the normal etag convention. - Entity tags are used for comparing two or more entities from the same requested resource. HTTP/1.1 uses entity tags in - the etag (section 14.19), If-Match (section 14.24), If-None-Match (section 14.26), and If-Range (section 14.27) header - fields. type: string group: - description: 'Group: The group this member belongs to for multi-cluster update management.' type: string id: - description: |- - Id: Fully qualified resource ID for the resource. E.g. - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" type: string name: - description: 'Name: The name of the resource' type: string provisioningState: - description: 'ProvisioningState: The status of the last operation.' type: string status: - description: 'Status: Status information of the last operation for fleet member.' properties: lastOperationError: - description: 'LastOperationError: The last operation error of the fleet member' properties: additionalInfo: - description: 'AdditionalInfo: The error additional info.' items: - description: The resource management error additional info. properties: info: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' type: object type: - description: 'Type: The additional info type.' type: string type: object type: array code: - description: 'Code: The error code.' type: string details: - description: 'Details: The error details.' items: properties: additionalInfo: - description: 'AdditionalInfo: The error additional info.' items: - description: The resource management error additional info. properties: info: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' 
type: object type: - description: 'Type: The additional info type.' type: string type: object type: array code: - description: 'Code: The error code.' type: string message: - description: 'Message: The error message.' type: string target: - description: 'Target: The error target.' type: string type: object type: array message: - description: 'Message: The error message.' type: string target: - description: 'Target: The error target.' type: string type: object lastOperationId: - description: 'LastOperationId: The last operation ID for the fleet member' type: string type: object systemData: - description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' properties: createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' type: string createdBy: - description: 'CreatedBy: The identity that created the resource.' type: string createdByType: - description: 'CreatedByType: The type of identity that created the resource.' type: string lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' type: string lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' type: string lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' type: string type: object type: - description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' type: string type: object type: object 
@@ -5082,104 +3290,49 @@ spec: name: v1api20250301storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20250301.FleetsMember - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/fleet/stable/2025-03-01/fleets.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{fleetMemberName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20250301.FleetsMember_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string clusterResourceReference: - description: |- - ClusterResourceReference: The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. 
- e.g.: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object group: type: string operatorSpec: - description: |- - Storage version of v1api20250301.FleetsMemberOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -5188,27 +3341,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -5219,16 +3357,11 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/Fleet resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object required: 
@@ -5236,52 +3369,31 @@ spec: - owner type: object status: - description: Storage version of v1api20250301.FleetsMember_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clusterResourceId: type: string conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. 
type: string required: - lastTransitionTime @@ -5301,41 +3413,23 @@ spec: provisioningState: type: string status: - description: |- - Storage version of v1api20250301.FleetMemberStatus_STATUS - Status information for the fleet member properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object lastOperationError: - description: |- - Storage version of v1api20250301.ErrorDetail_STATUS - The error detail. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: |- - Storage version of v1api20250301.ErrorAdditionalInfo_STATUS - The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: 
@@ -5349,27 +3443,17 @@ spec: type: string details: items: - description: Storage version of v1api20250301.ErrorDetail_STATUS_Unrolled properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: |- - Storage version of v1api20250301.ErrorAdditionalInfo_STATUS - The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: @@ -5396,16 +3480,10 @@ spec: type: string type: object systemData: - description: |- - Storage version of v1api20250301.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object createdAt: type: string 
@@ -5479,56 +3557,29 @@ spec: name: v1api20240901 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/maintenanceConfigurations/{configName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string maintenanceWindow: - description: 'MaintenanceWindow: Maintenance window for the maintenance configuration.' properties: durationHours: - description: 'DurationHours: Length of maintenance window range from 4 to 24 hours.' maximum: 24 minimum: 4 type: integer notAllowedDates: - description: |- - NotAllowedDates: Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with - 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 - 22:00' to '2023-01-03 22:00' in UTC time. items: - description: For example, between '2022-12-23' and '2023-01-05'. 
properties: end: - description: 'End: The end date of the date span.' type: string start: - description: 'Start: The start date of the date span.' type: string required: - end @@ -5536,18 +3587,14 @@ spec: type: object type: array schedule: - description: 'Schedule: Recurrence schedule for the maintenance window.' properties: absoluteMonthly: - description: 'AbsoluteMonthly: For schedules like: ''recur every month on the 15th'' or ''recur every 3 months on the 20th''.' properties: dayOfMonth: - description: 'DayOfMonth: The date of the month.' maximum: 31 minimum: 1 type: integer intervalMonths: - description: 'IntervalMonths: Specifies the number of months between each set of occurrences.' maximum: 6 minimum: 1 type: integer @@ -5556,10 +3603,8 @@ spec: - intervalMonths type: object daily: - description: 'Daily: For schedules like: ''recur every day'' or ''recur every 3 days''.' properties: intervalDays: - description: 'IntervalDays: Specifies the number of days between each set of occurrences.' maximum: 7 minimum: 1 type: integer @@ -5567,10 +3612,8 @@ spec: - intervalDays type: object relativeMonthly: - description: 'RelativeMonthly: For schedules like: ''recur every month on the first Monday'' or ''recur every 3 months on last Friday''.' properties: dayOfWeek: - description: 'DayOfWeek: Specifies on which day of the week the maintenance occurs.' enum: - Friday - Monday @@ -5581,12 +3624,10 @@ spec: - Wednesday type: string intervalMonths: - description: 'IntervalMonths: Specifies the number of months between each set of occurrences.' maximum: 6 minimum: 1 type: integer weekIndex: - description: 'WeekIndex: Specifies on which week of the month the dayOfWeek applies.' enum: - First - Fourth 
@@ -5600,10 +3641,8 @@ spec: - weekIndex type: object weekly: - description: 'Weekly: For schedules like: ''recur every Monday'' or ''recur every 3 weeks on Wednesday''.' properties: dayOfWeek: - description: 'DayOfWeek: Specifies on which day of the week the maintenance occurs.' enum: - Friday - Monday @@ -5614,7 +3653,6 @@ spec: - Wednesday type: string intervalWeeks: - description: 'IntervalWeeks: Specifies the number of weeks between each set of occurrences.' maximum: 4 minimum: 1 type: integer @@ -5624,20 +3662,11 @@ spec: type: object type: object startDate: - description: |- - StartDate: The date the maintenance window activates. If the current date is before this date, the maintenance window is - inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away. type: string startTime: - description: |- - StartTime: The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to - this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'. pattern: ^\d{2}:\d{2}$ type: string utcOffset: - description: |- - UtcOffset: The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the - default is '+00:00'. pattern: ^(-|\+)[0-9]{2}:[0-9]{2}$ type: string required: 
@@ -5646,47 +3675,24 @@ spec: - startTime type: object notAllowedTime: - description: 'NotAllowedTime: Time slots on which upgrade is not allowed.' items: - description: For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z. properties: end: - description: 'End: The end of a time span' type: string start: - description: 'Start: The start of a time span' type: string type: object type: array operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -5694,29 +3700,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -5725,27 +3715,17 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object timeInWeek: - description: |- - TimeInWeek: If two array entries specify the same day of the week, the applied configuration is the union of times in - both entries. items: - description: Time in a week. properties: day: - description: 'Day: The day of the week.' enum: - Friday - Monday @@ -5756,10 +3736,6 @@ spec: - Wednesday type: string hourSlots: - description: |- - HourSlots: Each integer hour represents a time range beginning at 0m after the hour ending at the next hour - (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC - time range. items: maximum: 23 minimum: 0 
@@ -5773,41 +3749,23 @@ spec: status: properties: conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -5817,150 +3775,96 @@ spec: type: object type: array id: - description: 'Id: Resource ID.' type: string maintenanceWindow: - description: 'MaintenanceWindow: Maintenance window for the maintenance configuration.' properties: durationHours: - description: 'DurationHours: Length of maintenance window range from 4 to 24 hours.' type: integer notAllowedDates: - description: |- - NotAllowedDates: Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with - 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 - 22:00' to '2023-01-03 22:00' in UTC time. items: - description: For example, between '2022-12-23' and '2023-01-05'. properties: end: - description: 'End: The end date of the date span.' type: string start: - description: 'Start: The start date of the date span.' type: string type: object type: array schedule: - description: 'Schedule: Recurrence schedule for the maintenance window.' properties: absoluteMonthly: - description: 'AbsoluteMonthly: For schedules like: ''recur every month on the 15th'' or ''recur every 3 months on the 20th''.' properties: dayOfMonth: - description: 'DayOfMonth: The date of the month.' type: integer intervalMonths: - description: 'IntervalMonths: Specifies the number of months between each set of occurrences.' type: integer type: object daily: - description: 'Daily: For schedules like: ''recur every day'' or ''recur every 3 days''.' properties: intervalDays: - description: 'IntervalDays: Specifies the number of days between each set of occurrences.' type: integer type: object relativeMonthly: - description: 'RelativeMonthly: For schedules like: ''recur every month on the first Monday'' or ''recur every 3 months on last Friday''.' properties: dayOfWeek: - description: 'DayOfWeek: Specifies on which day of the week the maintenance occurs.' 
type: string intervalMonths: - description: 'IntervalMonths: Specifies the number of months between each set of occurrences.' type: integer weekIndex: - description: 'WeekIndex: Specifies on which week of the month the dayOfWeek applies.' type: string type: object weekly: - description: 'Weekly: For schedules like: ''recur every Monday'' or ''recur every 3 weeks on Wednesday''.' properties: dayOfWeek: - description: 'DayOfWeek: Specifies on which day of the week the maintenance occurs.' type: string intervalWeeks: - description: 'IntervalWeeks: Specifies the number of weeks between each set of occurrences.' type: integer type: object type: object startDate: - description: |- - StartDate: The date the maintenance window activates. If the current date is before this date, the maintenance window is - inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away. type: string startTime: - description: |- - StartTime: The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to - this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'. type: string utcOffset: - description: |- - UtcOffset: The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the - default is '+00:00'. type: string type: object name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string notAllowedTime: - description: 'NotAllowedTime: Time slots on which upgrade is not allowed.' items: - description: For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z. properties: end: - description: 'End: The end of a time span' type: string start: - description: 'Start: The start of a time span' type: string type: object type: array systemData: - description: 'SystemData: The system metadata relating to this resource.' 
properties: createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' type: string createdBy: - description: 'CreatedBy: The identity that created the resource.' type: string createdByType: - description: 'CreatedByType: The type of identity that created the resource.' type: string lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' type: string lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' type: string lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' type: string type: object timeInWeek: - description: |- - TimeInWeek: If two array entries specify the same day of the week, the applied configuration is the union of times in - both entries. items: - description: Time in a week. properties: day: - description: 'Day: The day of the week.' type: string hourSlots: - description: |- - HourSlots: Each integer hour represents a time range beginning at 0m after the hour ending at the next hour - (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC - time range. items: type: integer type: array type: object type: array type: - description: 'Type: Resource type' type: string type: object type: object 
@@ -5984,70 +3888,35 @@ spec: name: v1api20240901storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20240901.MaintenanceConfiguration - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/maintenanceConfigurations/{configName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20240901.MaintenanceConfiguration_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string maintenanceWindow: - description: |- - Storage version of v1api20240901.MaintenanceWindow - Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object durationHours: type: integer notAllowedDates: items: - description: |- - Storage version of v1api20240901.DateSpan - For example, between '2022-12-23' and '2023-01-05'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object end: type: string @@ -6056,29 +3925,16 @@ spec: type: object type: array schedule: - description: |- - Storage version of v1api20240901.Schedule - One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or - 'relativeMonthly' for your maintenance schedule. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object absoluteMonthly: - description: |- - Storage version of v1api20240901.AbsoluteMonthlySchedule - For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dayOfMonth: type: integer 
@@ -6086,31 +3942,19 @@ spec: type: integer type: object daily: - description: |- - Storage version of v1api20240901.DailySchedule - For schedules like: 'recur every day' or 'recur every 3 days'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object intervalDays: type: integer type: object relativeMonthly: - description: |- - Storage version of v1api20240901.RelativeMonthlySchedule - For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dayOfWeek: type: string @@ -6120,16 +3964,10 @@ spec: type: string type: object weekly: - description: |- - Storage version of v1api20240901.WeeklySchedule - For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dayOfWeek: type: string @@ -6146,16 +3984,10 @@ spec: type: object notAllowedTime: items: - description: |- - Storage version of v1api20240901.TimeSpan - For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object end: type: string 
@@ -6164,40 +3996,19 @@ spec: type: object type: array operatorSpec: - description: |- - Storage version of v1api20240901.MaintenanceConfigurationOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -6206,27 +4017,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -6237,30 +4033,19 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object timeInWeek: items: - description: |- - Storage version of v1api20240901.TimeInWeek - Time in a week. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object day: type: string 
@@ -6274,50 +4059,29 @@ spec: - owner type: object status: - description: Storage version of v1api20240901.MaintenanceConfiguration_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -6329,31 +4093,19 @@ spec: id: type: string maintenanceWindow: - description: |- - Storage version of v1api20240901.MaintenanceWindow_STATUS - Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object durationHours: type: integer notAllowedDates: items: - description: |- - Storage version of v1api20240901.DateSpan_STATUS - For example, between '2022-12-23' and '2023-01-05'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object end: type: string 
@@ -6362,29 +4114,16 @@ spec: type: object type: array schedule: - description: |- - Storage version of v1api20240901.Schedule_STATUS - One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or - 'relativeMonthly' for your maintenance schedule. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object absoluteMonthly: - description: |- - Storage version of v1api20240901.AbsoluteMonthlySchedule_STATUS - For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dayOfMonth: type: integer 
@@ -6392,31 +4131,19 @@ spec: type: integer type: object daily: - description: |- - Storage version of v1api20240901.DailySchedule_STATUS - For schedules like: 'recur every day' or 'recur every 3 days'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object intervalDays: type: integer type: object relativeMonthly: - description: |- - Storage version of v1api20240901.RelativeMonthlySchedule_STATUS - For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dayOfWeek: type: string @@ -6426,16 +4153,10 @@ spec: type: string type: object weekly: - description: |- - Storage version of v1api20240901.WeeklySchedule_STATUS - For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dayOfWeek: type: string 
@@ -6454,16 +4175,10 @@ spec: type: string notAllowedTime: items: - description: |- - Storage version of v1api20240901.TimeSpan_STATUS - For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object end: type: string @@ -6472,16 +4187,10 @@ spec: type: object type: array systemData: - description: |- - Storage version of v1api20240901.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object createdAt: type: string @@ -6498,16 +4207,10 @@ spec: type: object timeInWeek: items: - description: |- - Storage version of v1api20240901.TimeInWeek_STATUS - Time in a week. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object day: type: string 
@@ -6541,56 +4244,29 @@ spec: name: v1api20250801 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/maintenanceConfigurations/{configName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string maintenanceWindow: - description: 'MaintenanceWindow: Maintenance window for the maintenance configuration.' properties: durationHours: - description: 'DurationHours: Length of maintenance window range from 4 to 24 hours.' maximum: 24 minimum: 4 type: integer notAllowedDates: - description: |- - NotAllowedDates: Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with - 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 - 22:00' to '2023-01-03 22:00' in UTC time. items: - description: A date range. 
For example, between '2022-12-23' and '2023-01-05'. properties: end: - description: 'End: The end date of the date span.' type: string start: - description: 'Start: The start date of the date span.' type: string required: - end @@ -6598,18 +4274,14 @@ spec: type: object type: array schedule: - description: 'Schedule: Recurrence schedule for the maintenance window.' properties: absoluteMonthly: - description: 'AbsoluteMonthly: For schedules like: ''recur every month on the 15th'' or ''recur every 3 months on the 20th''.' properties: dayOfMonth: - description: 'DayOfMonth: The date of the month.' maximum: 31 minimum: 1 type: integer intervalMonths: - description: 'IntervalMonths: Specifies the number of months between each set of occurrences.' maximum: 6 minimum: 1 type: integer @@ -6618,10 +4290,8 @@ spec: - intervalMonths type: object daily: - description: 'Daily: For schedules like: ''recur every day'' or ''recur every 3 days''.' properties: intervalDays: - description: 'IntervalDays: Specifies the number of days between each set of occurrences.' maximum: 7 minimum: 1 type: integer @@ -6629,10 +4299,8 @@ spec: - intervalDays type: object relativeMonthly: - description: 'RelativeMonthly: For schedules like: ''recur every month on the first Monday'' or ''recur every 3 months on last Friday''.' properties: dayOfWeek: - description: 'DayOfWeek: Specifies on which day of the week the maintenance occurs.' enum: - Friday - Monday @@ -6643,12 +4311,10 @@ spec: - Wednesday type: string intervalMonths: - description: 'IntervalMonths: Specifies the number of months between each set of occurrences.' maximum: 6 minimum: 1 type: integer weekIndex: - description: 'WeekIndex: The week index. Specifies on which week of the month the dayOfWeek applies.' enum: - First - Fourth 
@@ -6662,10 +4328,8 @@ spec: - weekIndex type: object weekly: - description: 'Weekly: For schedules like: ''recur every Monday'' or ''recur every 3 weeks on Wednesday''.' properties: dayOfWeek: - description: 'DayOfWeek: Specifies on which day of the week the maintenance occurs.' enum: - Friday - Monday @@ -6676,7 +4340,6 @@ spec: - Wednesday type: string intervalWeeks: - description: 'IntervalWeeks: Specifies the number of weeks between each set of occurrences.' maximum: 4 minimum: 1 type: integer @@ -6686,20 +4349,11 @@ spec: type: object type: object startDate: - description: |- - StartDate: The date the maintenance window activates. If the current date is before this date, the maintenance window is - inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away. type: string startTime: - description: |- - StartTime: The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to - this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'. pattern: ^\d{2}:\d{2}$ type: string utcOffset: - description: |- - UtcOffset: The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the - default is '+00:00'. pattern: ^(-|\+)[0-9]{2}:[0-9]{2}$ type: string required: 
@@ -6708,47 +4362,24 @@ spec: - startTime type: object notAllowedTime: - description: 'NotAllowedTime: Time slots on which upgrade is not allowed.' items: - description: A time range. For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z. properties: end: - description: 'End: The end of a time span' type: string start: - description: 'Start: The start of a time span' type: string type: object type: array operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -6756,29 +4387,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -6787,27 +4402,17 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object timeInWeek: - description: |- - TimeInWeek: Time slots during the week when planned maintenance is allowed to proceed. If two array entries specify the - same day of the week, the applied configuration is the union of times in both entries. items: - description: Time in a week. properties: day: - description: 'Day: The day of the week.' enum: - Friday - Monday @@ -6818,10 +4423,6 @@ spec: - Wednesday type: string hourSlots: - description: |- - HourSlots: A list of hours in the day used to identify a time range. Each integer hour represents a time range beginning - at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. - Specifying [0, 1] means the 00:00 - 02:00 UTC time range. items: maximum: 23 minimum: 0 
@@ -6835,41 +4436,23 @@ spec: status: properties: conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -6879,150 +4462,96 @@ spec: type: object type: array id: - description: 'Id: Resource ID.' type: string maintenanceWindow: - description: 'MaintenanceWindow: Maintenance window for the maintenance configuration.' properties: durationHours: - description: 'DurationHours: Length of maintenance window range from 4 to 24 hours.' type: integer notAllowedDates: - description: |- - NotAllowedDates: Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with - 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 - 22:00' to '2023-01-03 22:00' in UTC time. items: - description: A date range. For example, between '2022-12-23' and '2023-01-05'. properties: end: - description: 'End: The end date of the date span.' type: string start: - description: 'Start: The start date of the date span.' type: string type: object type: array schedule: - description: 'Schedule: Recurrence schedule for the maintenance window.' properties: absoluteMonthly: - description: 'AbsoluteMonthly: For schedules like: ''recur every month on the 15th'' or ''recur every 3 months on the 20th''.' properties: dayOfMonth: - description: 'DayOfMonth: The date of the month.' type: integer intervalMonths: - description: 'IntervalMonths: Specifies the number of months between each set of occurrences.' type: integer type: object daily: - description: 'Daily: For schedules like: ''recur every day'' or ''recur every 3 days''.' properties: intervalDays: - description: 'IntervalDays: Specifies the number of days between each set of occurrences.' type: integer type: object relativeMonthly: - description: 'RelativeMonthly: For schedules like: ''recur every month on the first Monday'' or ''recur every 3 months on last Friday''.' properties: dayOfWeek: - description: 'DayOfWeek: Specifies on which day of the week the maintenance occurs.' 
type: string intervalMonths: - description: 'IntervalMonths: Specifies the number of months between each set of occurrences.' type: integer weekIndex: - description: 'WeekIndex: The week index. Specifies on which week of the month the dayOfWeek applies.' type: string type: object weekly: - description: 'Weekly: For schedules like: ''recur every Monday'' or ''recur every 3 weeks on Wednesday''.' properties: dayOfWeek: - description: 'DayOfWeek: Specifies on which day of the week the maintenance occurs.' type: string intervalWeeks: - description: 'IntervalWeeks: Specifies the number of weeks between each set of occurrences.' type: integer type: object type: object startDate: - description: |- - StartDate: The date the maintenance window activates. If the current date is before this date, the maintenance window is - inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away. type: string startTime: - description: |- - StartTime: The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to - this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'. type: string utcOffset: - description: |- - UtcOffset: The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the - default is '+00:00'. type: string type: object name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string notAllowedTime: - description: 'NotAllowedTime: Time slots on which upgrade is not allowed.' items: - description: A time range. For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z. 
properties: end: - description: 'End: The end of a time span' type: string start: - description: 'Start: The start of a time span' type: string type: object type: array systemData: - description: 'SystemData: The system metadata relating to this resource.' properties: createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' type: string createdBy: - description: 'CreatedBy: The identity that created the resource.' type: string createdByType: - description: 'CreatedByType: The type of identity that created the resource.' type: string lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' type: string lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' type: string lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' type: string type: object timeInWeek: - description: |- - TimeInWeek: Time slots during the week when planned maintenance is allowed to proceed. If two array entries specify the - same day of the week, the applied configuration is the union of times in both entries. items: - description: Time in a week. properties: day: - description: 'Day: The day of the week.' type: string hourSlots: - description: |- - HourSlots: A list of hours in the day used to identify a time range. Each integer hour represents a time range beginning - at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. - Specifying [0, 1] means the 00:00 - 02:00 UTC time range. items: type: integer type: array type: object type: array type: - description: 'Type: Resource type' type: string type: object type: object 
@@ -7046,70 +4575,35 @@ spec: name: v1api20250801storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20250801.MaintenanceConfiguration - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/maintenanceConfigurations/{configName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20250801.MaintenanceConfiguration_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string maintenanceWindow: - description: |- - Storage version of v1api20250801.MaintenanceWindow - Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object durationHours: type: integer notAllowedDates: items: - description: |- - Storage version of v1api20250801.DateSpan - A date range. For example, between '2022-12-23' and '2023-01-05'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object end: type: string @@ -7118,29 +4612,16 @@ spec: type: object type: array schedule: - description: |- - Storage version of v1api20250801.Schedule - One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or - 'relativeMonthly' for your maintenance schedule. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object absoluteMonthly: - description: |- - Storage version of v1api20250801.AbsoluteMonthlySchedule - For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dayOfMonth: type: integer 
@@ -7148,31 +4629,19 @@ spec: type: integer type: object daily: - description: |- - Storage version of v1api20250801.DailySchedule - For schedules like: 'recur every day' or 'recur every 3 days'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object intervalDays: type: integer type: object relativeMonthly: - description: |- - Storage version of v1api20250801.RelativeMonthlySchedule - For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dayOfWeek: type: string @@ -7182,16 +4651,10 @@ spec: type: string type: object weekly: - description: |- - Storage version of v1api20250801.WeeklySchedule - For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dayOfWeek: type: string 
@@ -7208,16 +4671,10 @@ spec: type: object notAllowedTime: items: - description: |- - Storage version of v1api20250801.TimeSpan - A time range. For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object end: type: string 
@@ -7226,40 +4683,19 @@ spec: type: object type: array operatorSpec: - description: |- - Storage version of v1api20250801.MaintenanceConfigurationOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -7268,27 +4704,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -7299,30 +4720,19 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object timeInWeek: items: - description: |- - Storage version of v1api20250801.TimeInWeek - Time in a week. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object day: type: string 
@@ -7336,50 +4746,29 @@ spec: - owner type: object status: - description: Storage version of v1api20250801.MaintenanceConfiguration_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -7391,31 +4780,19 @@ spec: id: type: string maintenanceWindow: - description: |- - Storage version of v1api20250801.MaintenanceWindow_STATUS - Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object durationHours: type: integer notAllowedDates: items: - description: |- - Storage version of v1api20250801.DateSpan_STATUS - A date range. For example, between '2022-12-23' and '2023-01-05'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object end: type: string 
@@ -7424,29 +4801,16 @@ spec: type: object type: array schedule: - description: |- - Storage version of v1api20250801.Schedule_STATUS - One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or - 'relativeMonthly' for your maintenance schedule. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object absoluteMonthly: - description: |- - Storage version of v1api20250801.AbsoluteMonthlySchedule_STATUS - For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dayOfMonth: type: integer 
@@ -7454,31 +4818,19 @@ spec: type: integer type: object daily: - description: |- - Storage version of v1api20250801.DailySchedule_STATUS - For schedules like: 'recur every day' or 'recur every 3 days'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object intervalDays: type: integer type: object relativeMonthly: - description: |- - Storage version of v1api20250801.RelativeMonthlySchedule_STATUS - For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dayOfWeek: type: string @@ -7488,16 +4840,10 @@ spec: type: string type: object weekly: - description: |- - Storage version of v1api20250801.WeeklySchedule_STATUS - For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dayOfWeek: type: string 
@@ -7516,16 +4862,10 @@ spec: type: string notAllowedTime: items: - description: |- - Storage version of v1api20250801.TimeSpan_STATUS - A time range. For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object end: type: string @@ -7534,16 +4874,10 @@ spec: type: object type: array systemData: - description: |- - Storage version of v1api20250801.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object createdAt: type: string @@ -7560,16 +4894,10 @@ spec: type: object timeInWeek: items: - description: |- - Storage version of v1api20250801.TimeInWeek_STATUS - Time in a week. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object day: type: string 
@@ -7640,19 +4968,8 @@ spec: openAPIV3Schema: properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -7702,23 +5019,15 @@ spec: creationData: properties: sourceResourceReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -7741,23 +5050,15 @@ spec: - MIG7g type: string hostGroupReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: 
@@ -7880,23 +5181,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: 
@@ -7927,23 +5220,15 @@ spec: - Windows type: string podSubnetReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object powerState: 
@@ -7955,23 +5240,15 @@ spec: type: string type: object proximityPlacementGroupReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: 
@@ -8008,23 +5285,15 @@ spec: vmSize: type: string vnetSubnetReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object workloadRuntime: @@ -8122,9 +5391,6 @@ spec: type: object type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. maxLength: 63 minLength: 1 pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ 
@@ -8132,23 +5398,15 @@ spec: disableLocalAccounts: type: boolean diskEncryptionSetReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object dnsPrefix: 
@@ -8193,23 +5451,15 @@ spec: items: properties: reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object @@ -8221,17 +5471,10 @@ spec: clientId: type: string clientIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key 
@@ -8240,40 +5483,25 @@ spec: objectId: type: string objectIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -8330,23 +5558,15 @@ spec: items: properties: reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -8374,23 +5594,15 @@ spec: items: properties: reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -8402,23 +5614,15 @@ spec: items: properties: reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -8436,23 +5640,15 @@ spec: items: properties: reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -8525,34 +5721,15 @@ spec: type: boolean type: object operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -8560,35 +5737,22 @@ spec: type: object type: array configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' properties: oidcIssuerProfile: - description: |- - OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be - created. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key - name type: object principalId: - description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -8596,29 +5760,13 @@ spec: type: object type: object secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -8626,37 +5774,22 @@ spec: type: object type: array secrets: - description: 'Secrets: configures where to place Azure generated secrets.' properties: adminCredentials: - description: |- - AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key - name type: object userCredentials: - description: |- - UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key @@ -8665,16 +5798,11 @@ spec: type: object type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: 
@@ -8693,17 +5821,10 @@ spec: clientId: type: string clientIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key 
@@ -8712,40 +5833,25 @@ spec: objectId: type: string objectIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -8785,23 +5891,15 @@ spec: name: type: string reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requiredMembers: 
@@ -8831,46 +5929,30 @@ spec: - Public type: string keyVaultResourceReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object defender: properties: logAnalyticsWorkspaceResourceReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object securityMonitoring: @@ -8897,17 +5979,10 @@ spec: clientId: type: string secret: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -8958,17 +6033,10 @@ spec: windowsProfile: properties: adminPassword: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key 
@@ -9322,41 +6390,23 @@ spec: azurePortalFQDN: type: string conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -9799,44 +6849,24 @@ spec: name: v1api20230201storage schema: openAPIV3Schema: - description: Storage version of v1api20230201.ManagedCluster properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20230201.ManagedCluster_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: Storage version of v1api20230201.ManagedClusterAADProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: 
@@ -9857,14 +6887,10 @@ spec: type: object addonProfiles: additionalProperties: - description: Storage version of v1api20230201.ManagedClusterAddonProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -9876,14 +6902,10 @@ spec: type: object agentPoolProfiles: items: - description: Storage version of v1api20230201.ManagedClusterAgentPoolProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: 
@@ -9892,33 +6914,21 @@ spec: count: type: integer creationData: - description: Storage version of v1api20230201.CreationData properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -9935,34 +6945,22 @@ spec: gpuInstanceProfile: type: string hostGroupReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: Storage version of v1api20230201.KubeletConfig properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: 
@@ -9992,26 +6990,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20230201.LinuxOSConfig properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20230201.SysctlConfig properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -10090,23 +7080,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: 
@@ -10124,56 +7106,36 @@ spec: osType: type: string podSubnetReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object powerState: - description: Storage version of v1api20230201.PowerState properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string type: object proximityPlacementGroupReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: @@ -10191,14 +7153,10 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20230201.AgentPoolUpgradeSettings properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object maxSurge: type: string @@ -10206,23 +7164,15 @@ spec: vmSize: type: string vnetSubnetReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object workloadRuntime: 
@@ -10230,14 +7180,10 @@ spec: type: object type: array apiServerAccessProfile: - description: Storage version of v1api20230201.ManagedClusterAPIServerAccessProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -10253,14 +7199,10 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20230201.ManagedClusterProperties_AutoScalerProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string 
@@ -10298,49 +7240,33 @@ spec: type: string type: object autoUpgradeProfile: - description: Storage version of v1api20230201.ManagedClusterAutoUpgradeProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object upgradeChannel: type: string type: object azureMonitorProfile: - description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metrics: - description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfileMetrics properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfileKubeStateMetrics properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string 
@@ -10350,30 +7276,19 @@ spec: type: object type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string disableLocalAccounts: type: boolean diskEncryptionSetReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object dnsPrefix: @@ -10383,14 +7298,10 @@ spec: enableRBAC: type: boolean extendedLocation: - description: Storage version of v1api20230201.ExtendedLocation properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -10400,14 +7311,10 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: Storage version of v1api20230201.ManagedClusterHTTPProxyConfig properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string 
@@ -10421,46 +7328,30 @@ spec: type: string type: object identity: - description: Storage version of v1api20230201.ManagedClusterIdentity properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object type: type: string userAssignedIdentities: items: - description: Storage version of v1api20230201.UserAssignedIdentityDetails properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -10468,29 +7359,18 @@ spec: type: object identityProfile: additionalProperties: - description: Storage version of v1api20230201.UserAssignedIdentity properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string clientIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key 
@@ -10499,40 +7379,25 @@ spec: objectId: type: string objectIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -10540,37 +7405,25 @@ spec: kubernetesVersion: type: string linuxProfile: - description: Storage version of v1api20230201.ContainerServiceLinuxProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: Storage version of v1api20230201.ContainerServiceSshConfiguration properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: Storage version of v1api20230201.ContainerServiceSshPublicKey properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keyData: type: string @@ -10581,14 +7434,10 @@ spec: location: type: string networkProfile: - description: Storage version of v1api20230201.ContainerServiceNetworkProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServiceIP: type: string 
@@ -10599,46 +7448,30 @@ spec: type: string type: array loadBalancerProfile: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer effectiveOutboundIPs: items: - description: Storage version of v1api20230201.ResourceReference properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -10648,14 +7481,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -10663,88 +7492,56 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: Storage version of v1api20230201.ResourceReference properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object type: array type: object outboundIPs: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_OutboundIPs properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: Storage version of v1api20230201.ResourceReference properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -10754,44 +7551,28 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: Storage version of v1api20230201.ManagedClusterNATGatewayProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: Storage version of v1api20230201.ResourceReference properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -10799,14 +7580,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: Storage version of v1api20230201.ManagedClusterManagedOutboundIPProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -10840,53 +7617,28 @@ spec: nodeResourceGroup: type: string oidcIssuerProfile: - description: Storage version of v1api20230201.ManagedClusterOIDCIssuerProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object operatorSpec: - description: |- - Storage version of v1api20230201.ManagedClusterOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -10894,46 +7646,26 @@ spec: type: object type: array configMaps: - description: Storage version of v1api20230201.ManagedClusterOperatorConfigMaps properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object oidcIssuerProfile: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to: SecretDestination in secrets.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key - name type: object principalId: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to: SecretDestination in secrets.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -10942,27 +7674,12 @@ spec: type: object secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -10970,46 +7687,26 @@ spec: type: object type: array secrets: - description: Storage version of v1api20230201.ManagedClusterOperatorSecrets properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to: ConfigMapDestination in configmaps.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key - name type: object userCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to: ConfigMapDestination in configmaps.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key 
@@ -11020,27 +7717,18 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: - description: Storage version of v1api20230201.ManagedClusterPodIdentityProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean 
@@ -11048,41 +7736,26 @@ spec: type: boolean userAssignedIdentities: items: - description: Storage version of v1api20230201.ManagedClusterPodIdentity properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: Storage version of v1api20230201.UserAssignedIdentity properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string clientIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key 
@@ -11091,40 +7764,25 @@ spec: objectId: type: string objectIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object @@ -11136,14 +7794,10 @@ spec: type: array userAssignedIdentityExceptions: items: - description: Storage version of v1api20230201.ManagedClusterPodIdentityException properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -11158,37 +7812,25 @@ spec: type: object privateLinkResources: items: - description: Storage version of v1api20230201.PrivateLinkResource properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupId: type: string name: type: string reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requiredMembers: 
@@ -11202,24 +7844,16 @@ spec: publicNetworkAccess: type: string securityProfile: - description: Storage version of v1api20230201.ManagedClusterSecurityProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: Storage version of v1api20230201.AzureKeyVaultKms properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -11228,79 +7862,51 @@ spec: keyVaultNetworkAccess: type: string keyVaultResourceReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object defender: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileDefender properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object securityMonitoring: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileDefenderSecurityMonitoring properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileImageCleaner properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -11308,43 +7914,28 @@ spec: type: integer type: object workloadIdentity: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileWorkloadIdentity properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object servicePrincipalProfile: - description: Storage version of v1api20230201.ManagedClusterServicePrincipalProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string secret: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -11352,14 +7943,10 @@ spec: type: object type: object sku: - description: Storage version of v1api20230201.ManagedClusterSKU properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -11367,63 +7954,43 @@ spec: type: string type: object storageProfile: - description: Storage version of v1api20230201.ManagedClusterStorageProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: Storage version of v1api20230201.ManagedClusterStorageProfileBlobCSIDriver properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: Storage version of v1api20230201.ManagedClusterStorageProfileDiskCSIDriver properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object fileCSIDriver: - description: Storage version of v1api20230201.ManagedClusterStorageProfileFileCSIDriver properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: Storage version of v1api20230201.ManagedClusterStorageProfileSnapshotController properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full 
fidelity round trip conversions type: object enabled: type: boolean @@ -11434,27 +8001,16 @@ spec: type: string type: object windowsProfile: - description: Storage version of v1api20230201.ManagedClusterWindowsProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminPassword: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -11465,14 +8021,10 @@ spec: enableCSIProxy: type: boolean gmsaProfile: - description: Storage version of v1api20230201.WindowsGmsaProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string 
@@ -11485,24 +8037,16 @@ spec: type: string type: object workloadAutoScalerProfile: - description: Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keda: - description: Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfileKeda properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -11512,24 +8056,16 @@ spec: - owner type: object status: - description: Storage version of v1api20230201.ManagedCluster_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: Storage version of v1api20230201.ManagedClusterAADProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: 
@@ -11550,14 +8086,10 @@ spec: type: object addonProfiles: additionalProperties: - description: Storage version of v1api20230201.ManagedClusterAddonProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -11566,14 +8098,10 @@ spec: enabled: type: boolean identity: - description: Storage version of v1api20230201.UserAssignedIdentity_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -11586,14 +8114,10 @@ spec: type: object agentPoolProfiles: items: - description: Storage version of v1api20230201.ManagedClusterAgentPoolProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: @@ -11602,14 +8126,10 @@ spec: count: type: integer creationData: - description: Storage version of v1api20230201.CreationData_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string 
@@ -11631,14 +8151,10 @@ spec: hostGroupID: type: string kubeletConfig: - description: Storage version of v1api20230201.KubeletConfig_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -11668,26 +8184,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20230201.LinuxOSConfig_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20230201.SysctlConfig_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -11786,14 +8294,10 @@ spec: podSubnetID: type: string powerState: - description: Storage version of v1api20230201.PowerState_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string 
@@ -11817,14 +8321,10 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20230201.AgentPoolUpgradeSettings_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object maxSurge: type: string @@ -11838,14 +8338,10 @@ spec: type: object type: array apiServerAccessProfile: - description: Storage version of v1api20230201.ManagedClusterAPIServerAccessProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -11861,14 +8357,10 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20230201.ManagedClusterProperties_AutoScalerProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string 
@@ -11906,49 +8398,33 @@ spec: type: string type: object autoUpgradeProfile: - description: Storage version of v1api20230201.ManagedClusterAutoUpgradeProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object upgradeChannel: type: string type: object azureMonitorProfile: - description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metrics: - description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfileMetrics_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: Storage version of v1api20230201.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string 
@@ -11961,39 +8437,22 @@ spec: type: string conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -12015,14 +8474,10 @@ spec: enableRBAC: type: boolean extendedLocation: - description: Storage version of v1api20230201.ExtendedLocation_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -12034,14 +8489,10 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: Storage version of v1api20230201.ManagedClusterHTTPProxyConfig_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string @@ -12057,14 +8508,10 @@ spec: id: type: string identity: - description: Storage version of v1api20230201.ManagedClusterIdentity_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object principalId: type: string @@ -12074,14 +8521,10 @@ spec: type: string userAssignedIdentities: additionalProperties: - description: Storage version of v1api20230201.ManagedClusterIdentity_UserAssignedIdentities_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string 
@@ -12092,14 +8535,10 @@ spec: type: object identityProfile: additionalProperties: - description: Storage version of v1api20230201.UserAssignedIdentity_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -12112,37 +8551,25 @@ spec: kubernetesVersion: type: string linuxProfile: - description: Storage version of v1api20230201.ContainerServiceLinuxProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: Storage version of v1api20230201.ContainerServiceSshConfiguration_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: Storage version of v1api20230201.ContainerServiceSshPublicKey_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keyData: type: string 
@@ -12157,14 +8584,10 @@ spec: name: type: string networkProfile: - description: Storage version of v1api20230201.ContainerServiceNetworkProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServiceIP: type: string @@ -12175,27 +8598,19 @@ spec: type: string type: array loadBalancerProfile: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer effectiveOutboundIPs: items: - description: Storage version of v1api20230201.ResourceReference_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -12206,14 +8621,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -12221,25 +8632,17 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: Storage version of v1api20230201.ResourceReference_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -12247,25 +8650,17 @@ spec: type: array type: object outboundIPs: - description: Storage version of v1api20230201.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: Storage version of v1api20230201.ResourceReference_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -12276,25 +8671,17 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: Storage version of v1api20230201.ManagedClusterNATGatewayProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: Storage version of v1api20230201.ResourceReference_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -12303,14 +8690,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: Storage version of v1api20230201.ManagedClusterManagedOutboundIPProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -12344,14 +8727,10 @@ spec: nodeResourceGroup: type: string oidcIssuerProfile: - description: Storage version of v1api20230201.ManagedClusterOIDCIssuerProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -12359,14 +8738,10 @@ spec: type: string type: object podIdentityProfile: - description: Storage version of v1api20230201.ManagedClusterPodIdentityProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean @@ -12374,26 +8749,18 @@ spec: type: boolean userAssignedIdentities: items: - description: Storage version of v1api20230201.ManagedClusterPodIdentity_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: Storage version of v1api20230201.UserAssignedIdentity_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string 
@@ -12407,47 +8774,31 @@ spec: namespace: type: string provisioningInfo: - description: Storage version of v1api20230201.ManagedClusterPodIdentity_ProvisioningInfo_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object error: - description: Storage version of v1api20230201.ManagedClusterPodIdentityProvisioningError_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object error: - description: Storage version of v1api20230201.ManagedClusterPodIdentityProvisioningErrorBody_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string details: items: - description: Storage version of v1api20230201.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string 
@@ -12470,14 +8821,10 @@ spec: type: array userAssignedIdentityExceptions: items: - description: Storage version of v1api20230201.ManagedClusterPodIdentityException_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -12491,14 +8838,10 @@ spec: type: array type: object powerState: - description: Storage version of v1api20230201.PowerState_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -12507,14 +8850,10 @@ spec: type: string privateLinkResources: items: - description: Storage version of v1api20230201.PrivateLinkResource_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupId: type: string 
@@ -12537,24 +8876,16 @@ spec: publicNetworkAccess: type: string securityProfile: - description: Storage version of v1api20230201.ManagedClusterSecurityProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: Storage version of v1api20230201.AzureKeyVaultKms_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -12566,40 +8897,28 @@ spec: type: string type: object defender: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileDefender_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceId: type: string securityMonitoring: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileImageCleaner_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -12607,41 +8926,29 @@ spec: type: integer type: object workloadIdentity: - description: Storage version of v1api20230201.ManagedClusterSecurityProfileWorkloadIdentity_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object servicePrincipalProfile: - description: Storage version of v1api20230201.ManagedClusterServicePrincipalProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string type: object sku: - description: Storage version of v1api20230201.ManagedClusterSKU_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -12649,77 +8956,53 @@ spec: type: string type: object storageProfile: - description: Storage version of v1api20230201.ManagedClusterStorageProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: Storage version of v1api20230201.ManagedClusterStorageProfileBlobCSIDriver_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: Storage version of v1api20230201.ManagedClusterStorageProfileDiskCSIDriver_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object fileCSIDriver: - description: Storage version of v1api20230201.ManagedClusterStorageProfileFileCSIDriver_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: Storage version of v1api20230201.ManagedClusterStorageProfileSnapshotController_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by 
storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object systemData: - description: Storage version of v1api20230201.SystemData_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object createdAt: type: string @@ -12741,28 +9024,20 @@ spec: type: type: string windowsProfile: - description: Storage version of v1api20230201.ManagedClusterWindowsProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: Storage version of v1api20230201.WindowsGmsaProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string 
@@ -12775,24 +9050,16 @@ spec: type: string type: object workloadAutoScalerProfile: - description: Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keda: - description: Storage version of v1api20230201.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -12820,166 +9087,94 @@ spec: name: v1api20231001 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' properties: adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. 
Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. properties: config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean required: - enabled type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' items: - description: Profile for the container service agent pool. properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. 
For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' enum: - MIG1g - MIG2g 
@@ -12988,244 +9183,152 @@ spec: - MIG7g type: string hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' 
Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. enum: - OS - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' 
type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' 
type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' maximum: 90 minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' maximum: 524288 minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' maximum: 2097152 minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). 
type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - System - User type: string name: - description: 'Name: Windows agent pool names must be 6 characters or less.' pattern: ^[a-z][a-z0-9]{0,11}$ type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. maximum: 65535 minimum: 1 type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. maximum: 65535 minimum: 1 type: integer protocol: - description: 'Protocol: The network protocol of the port.' enum: - TCP - UDP 
@@ -13233,40 +9336,25 @@ spec: type: object type: array applicationSecurityGroupsReferences: - description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array 
@@ -13274,63 +9362,35 @@ spec: nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. 
The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. enum: - AzureLinux - CBLMariner 
@@ -13339,154 +9399,92 @@ spec: - Windows2022 type: string osType: - description: 'OsType: The operating system type. The default is Linux.' enum: - Linux - Windows type: string podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' enum: - Running - Stopped type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' enum: - Deallocate - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. enum: - Deallocate - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' enum: - Regular - Spot type: string spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' 
enum: - AvailabilitySet - VirtualMachineScaleSets type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. maximum: 1440 minimum: 1 type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' enum: - OCIContainer - WasmWasi 
@@ -13496,45 +9494,25 @@ spec: type: object type: array apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The default is System. For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' properties: balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: |- - Expander: If not specified, the default is 'random'. See - [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more - information. enum: - least-waste - most-pods 
@@ -13542,80 +9520,45 @@ spec: - random type: string max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' type: string max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. 
type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' type: string skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: nodeOSUpgradeChannel: - description: 'NodeOSUpgradeChannel: Manner in which the OS on your nodes is updated. The default is NodeImage.' enum: - NodeImage - None - Unmanaged type: string upgradeChannel: - description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). enum: - node-image - none 
@@ -13625,36 +9568,16 @@ spec: type: string type: object azureMonitorProfile: - description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' properties: metrics: - description: |- - Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: enabled: - description: |- - Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See - aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. type: boolean kubeStateMetrics: - description: |- - KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: metricAnnotationsAllowList: - description: |- - MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's - labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric - contains only resource name and namespace labels. type: string metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only - resource name and namespace labels. type: string type: object required: 
@@ -13662,162 +9585,99 @@ spec: type: object type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. maxLength: 63 minLength: 1 pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' 
type: string enablePodSecurityPolicy: - description: |- - EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was - deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and - https://aka.ms/aks/psp. type: boolean enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' enum: - EdgeZone type: string type: object fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object identity: - description: 'Identity: The identity of the managed cluster, if configured.' properties: delegatedResources: additionalProperties: - description: Delegated resource properties - internal use only. properties: location: - description: 'Location: The source resource location - internal use only.' type: string referralResource: - description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' 
type: string resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object tenantId: - description: 'TenantId: The tenant id of the delegated resource - internal use only.' pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ type: string type: object - description: |- - DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another - Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object type: - description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). enum: - None - SystemAssigned - UserAssigned type: string userAssignedIdentities: - description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. 
items: - description: Information about the user assigned identity for the resource properties: reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -13825,96 +9685,58 @@ spec: type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string clientIdFromConfig: - description: 'ClientIdFromConfig: The client ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string objectIdFromConfig: - description: 'ObjectIdFromConfig: The object ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object - description: 'IdentityProfile: Identities associated with the cluster.' type: object kubernetesVersion: - description: |- - KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All - upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or - 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' properties: adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' pattern: ^[A-Za-z][-A-Za-z0-9_]*$ type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' properties: publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. properties: keyData: - description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. type: string required: - keyData 
@@ -13928,21 +9750,13 @@ spec: - ssh type: object location: - description: 'Location: The geo-location where the resource lives' type: string networkProfile: - description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string ipFamilies: - description: |- - IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value - is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: enum: - IPv4 
@@ -13950,133 +9764,85 @@ spec: type: string type: array loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. maximum: 64000 minimum: 0 type: integer backendPoolType: - description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' enum: - NodeIP - NodeIPConfiguration type: string effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' 
type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. maximum: 120 minimum: 4 type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. maximum: 100 minimum: 1 type: integer countIPv6: - description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. maximum: 100 minimum: 0 type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' properties: publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. 
type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' properties: publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -14084,98 +9850,68 @@ spec: type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. enum: - basic - standard type: string natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' properties: effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 4 minutes. maximum: 120 minimum: 4 type: integer managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' 
properties: count: - description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. maximum: 16 minimum: 1 type: integer type: object type: object networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' enum: - azure - cilium type: string networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' enum: - bridge - transparent type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' enum: - azure - kubenet - none type: string networkPluginMode: - description: 'NetworkPluginMode: The mode the network plugin should use.' enum: - overlay type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' enum: - azure - calico - cilium type: string outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). enum: - loadBalancer - managedNATGateway 
@@ -14183,69 +9919,37 @@ spec: - userDefinedRouting type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: - description: |- - PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. items: type: string type: array serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: - description: |- - ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' properties: enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean type: object operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. 
properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -14253,35 +9957,22 @@ spec: type: object type: array configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' properties: oidcIssuerProfile: - description: |- - OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be - created. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key - name type: object principalId: - description: 'PrincipalId: indicates where the PrincipalId config map should be placed. If omitted, no config map will be created.' properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -14289,29 +9980,13 @@ spec: type: object type: object secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -14319,37 +9994,22 @@ spec: type: object type: array secrets: - description: 'Secrets: configures where to place Azure generated secrets.' properties: adminCredentials: - description: |- - AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key - name type: object userCredentials: - description: |- - UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key 
@@ -14358,106 +10018,66 @@ spec: type: object type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: - description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. properties: bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' 
type: string clientIdFromConfig: - description: 'ClientIdFromConfig: The client ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string objectIdFromConfig: - description: 'ObjectIdFromConfig: The object ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object name: - description: 'Name: The name of the pod identity.' 
type: string namespace: - description: 'Namespace: The namespace of the pod identity.' type: string required: - identity @@ -14466,22 +10086,15 @@ spec: type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: |- - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' type: object required: - name 
@@ -14491,236 +10104,147 @@ spec: type: array type: object privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: A private link resource properties: groupId: - description: 'GroupId: The group ID of the resource.' type: string name: - description: 'Name: The name of the private link resource.' type: string reference: - description: 'Reference: The ID of the private link resource.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' type: string type: object type: array publicNetworkAccess: - description: 'PublicNetworkAccess: Allow or deny public network access for AKS' enum: - Disabled - Enabled type: string securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. 
properties: enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the - key vault allows public access from all networks. `Private` means the key vault disables public access and enables - private link. The default value is `Public`. enum: - Private - Public type: string keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object defender: - description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' type: boolean intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' 
type: integer type: object workloadIdentity: - description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: - description: 'Enabled: Whether to enable workload identity.' type: boolean type: object type: object serviceMeshProfile: - description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' properties: istio: - description: 'Istio: Istio service mesh configuration.' properties: certificateAuthority: - description: |- - CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin - certificates as described here https://aka.ms/asm-plugin-ca properties: plugin: - description: 'Plugin: Plugin certificates information for Service Mesh.' properties: certChainObjectName: - description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' type: string certObjectName: - description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' type: string keyObjectName: - description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' type: string keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object rootCertObjectName: - description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string type: object type: object components: - description: 'Components: Istio components configuration.' properties: egressGateways: - description: 'EgressGateways: Istio egress gateways.' items: - description: Istio egress gateway configuration. properties: enabled: - description: 'Enabled: Whether to enable the egress gateway.' type: boolean nodeSelector: additionalProperties: type: string - description: 'NodeSelector: NodeSelector for scheduling the egress gateway.' type: object required: - enabled type: object type: array ingressGateways: - description: 'IngressGateways: Istio ingress gateways.' items: - description: |- - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: - description: 'Enabled: Whether to enable the ingress gateway.' type: boolean mode: - description: 'Mode: Mode of an ingress gateway.' enum: - External - Internal 
@@ -14732,17 +10256,12 @@ spec: type: array type: object revisions: - description: |- - Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. - When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: - https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string maxItems: 2 type: array type: object mode: - description: 'Mode: Mode of the service mesh.' enum: - Disabled - Istio @@ -14751,23 +10270,14 @@ spec: - mode type: object servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. properties: clientId: - description: 'ClientId: The ID for the service principal.' type: string secret: - description: 'Secret: The secret password associated with the service principal in plain text.' properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -14777,17 +10287,12 @@ spec: - clientId type: object sku: - description: 'Sku: The managed cluster SKU.' properties: name: - description: 'Name: The name of a managed cluster SKU.' enum: - Base type: string tier: - description: |- - Tier: If not specified, the default is 'Free'. See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. enum: - Free - Premium 
@@ -14795,39 +10300,29 @@ spec: type: string type: object storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' properties: blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' type: boolean type: object fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object supportPlan: - description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' enum: - AKSLongTermSupport - KubernetesOfficial 
@@ -14835,91 +10330,43 @@ spec: tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading a cluster.' properties: overrideSettings: - description: 'OverrideSettings: Settings for overrides.' properties: forceUpgrade: - description: |- - ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade - protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: - description: |- - Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the - effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set - by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: adminPassword: - description: |- - AdminPassword: Specifies the password of the administrator account. - Minimum-length: 8 characters - Max-length: 123 characters - Complexity requirements: 3 out of 4 conditions below need to be fulfilled - Has lower characters - Has upper characters - Has a digit - Has a special character (Regex match [\W_]) - Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", - "Password22", "iloveyou!" properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key - name type: object adminUsername: - description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." 
- Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters type: string enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: - description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. enum: - None - Windows_Server 
@@ -14928,22 +10375,17 @@ spec: - adminUsername type: object workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' properties: keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable KEDA.' type: boolean required: - enabled type: object verticalPodAutoscaler: - description: 'VerticalPodAutoscaler: VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable VPA. Default value is false.' type: boolean required: - enabled 
@@ -14954,671 +10396,368 @@ spec: - owner type: object status: - description: Managed cluster. properties: aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' properties: adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. properties: config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean identity: - description: 'Identity: Information of user assigned identity used by this add-on.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' 
type: string type: object type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' items: - description: Profile for the container service agent pool. properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be - exactly equal to it. If orchestratorVersion is , this field will contain the full - version being used. type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. 
For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string hostGroupID: - description: |- - HostGroupID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' 
type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' 
properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' 
type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). 
type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: - description: 'Name: Windows agent pool names must be 6 characters or less.' type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. type: integer protocol: - description: 'Protocol: The network protocol of the port.' type: string type: object type: array applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' items: type: string type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' 
type: string type: object type: array type: object nodeImageVersion: - description: 'NodeImageVersion: The version of node image' type: string nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). 
type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: - description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' type: string proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' 
type: string spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. 
This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: array apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The default is System. For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' properties: balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string expander: - description: |- - Expander: If not specified, the default is 'random'. 
See - [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more - information. type: string max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' type: string max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. 
Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' type: string skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: nodeOSUpgradeChannel: - description: 'NodeOSUpgradeChannel: Manner in which the OS on your nodes is updated. The default is NodeImage.' type: string upgradeChannel: - description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). type: string type: object azureMonitorProfile: - description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' properties: metrics: - description: |- - Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: enabled: - description: |- - Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See - aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. 
type: boolean kubeStateMetrics: - description: |- - KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: metricAnnotationsAllowList: - description: |- - MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's - labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric - contains only resource name and namespace labels. type: string metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only - resource name and namespace labels. type: string type: object type: object type: object azurePortalFQDN: - description: |- - AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some - responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure - Portal to function properly. type: string conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. 
For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -15628,815 +10767,497 @@ spec: type: object type: array currentKubernetesVersion: - description: |- - CurrentKubernetesVersion: If kubernetesVersion was a fully specified version , this field will be - exactly equal to it. If kubernetesVersion was , this field will contain the full - version being used. type: string disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetID: - description: |- - DiskEncryptionSetID: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' type: string dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enablePodSecurityPolicy: - description: |- - EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was - deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and - https://aka.ms/aks/psp. type: boolean enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' type: string type: object fqdn: - description: 'Fqdn: The FQDN of the master pool.' type: string fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' 
type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object id: - description: |- - Id: Fully qualified resource ID for the resource. E.g. - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" type: string identity: - description: 'Identity: The identity of the managed cluster, if configured.' properties: delegatedResources: additionalProperties: - description: Delegated resource properties - internal use only. properties: location: - description: 'Location: The source resource location - internal use only.' type: string referralResource: - description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' type: string resourceId: - description: 'ResourceId: The ARM resource id of the delegated resource - internal use only.' type: string tenantId: - description: 'TenantId: The tenant id of the delegated resource - internal use only.' type: string type: object - description: |- - DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another - Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object principalId: - description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' 
type: string tenantId: - description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' type: string type: - description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). type: string userAssignedIdentities: additionalProperties: properties: clientId: - description: 'ClientId: The client id of user assigned identity.' type: string principalId: - description: 'PrincipalId: The principal id of user assigned identity.' type: string type: object - description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. type: object type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' type: string type: object - description: 'IdentityProfile: Identities associated with the cluster.' type: object kubernetesVersion: - description: |- - KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All - upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or - 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. 
See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' properties: adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' properties: publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. properties: keyData: - description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. type: string type: object type: array type: object type: object location: - description: 'Location: The geo-location where the resource lives' type: string maxAgentPools: - description: 'MaxAgentPools: The max number of agent pools for the managed cluster.' type: integer name: - description: 'Name: The name of the resource' type: string networkProfile: - description: 'NetworkProfile: The network configuration profile.' properties: dnsServiceIP: - description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. type: string ipFamilies: - description: |- - IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value - is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: type: string type: array loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. 
Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. type: integer backendPoolType: - description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' type: string effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. type: integer countIPv6: - description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' properties: publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' 
type: string type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' properties: publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. type: string natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' properties: effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 4 minutes. type: integer managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. type: integer type: object type: object networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' type: string networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' 
type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' type: string networkPluginMode: - description: 'NetworkPluginMode: The mode the network plugin should use.' type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' type: string outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' type: string podCidrs: - description: |- - PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. items: type: string type: array serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. type: string serviceCidrs: - description: |- - ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' properties: enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean issuerURL: - description: 'IssuerURL: The OIDC issuer url of the Managed Cluster.' 
type: string type: object podIdentityProfile: - description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. properties: bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' type: string type: object name: - description: 'Name: The name of the pod identity.' type: string namespace: - description: 'Namespace: The namespace of the pod identity.' type: string provisioningInfo: properties: error: - description: 'Error: Pod identity assignment error (if any).' properties: error: - description: 'Error: Details about the error.' properties: code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' 
type: string details: - description: 'Details: A list of additional details about the error.' items: properties: code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' type: string message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' type: string target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' type: string type: object type: array message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' type: string target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' type: string type: object type: object type: object provisioningState: - description: 'ProvisioningState: The current provisioning state of the pod identity.' type: string type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: |- - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' type: object type: object type: array type: object powerState: - description: 'PowerState: The Power State of the cluster.' properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object privateFQDN: - description: 'PrivateFQDN: The FQDN of private cluster.' 
type: string privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: A private link resource properties: groupId: - description: 'GroupId: The group ID of the resource.' type: string id: - description: 'Id: The ID of the private link resource.' type: string name: - description: 'Name: The name of the private link resource.' type: string privateLinkServiceID: - description: 'PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.' type: string requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' type: string type: object type: array provisioningState: - description: 'ProvisioningState: The current provisioning state.' type: string publicNetworkAccess: - description: 'PublicNetworkAccess: Allow or deny public network access for AKS' type: string resourceUID: - description: |- - ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create - sequence) type: string securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. 
When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the - key vault allows public access from all networks. `Private` means the key vault disables public access and enables - private link. The default value is `Public`. type: string keyVaultResourceId: - description: |- - KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must - be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. type: string type: object defender: - description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceId: - description: |- - LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. - When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft - Defender is disabled, leave the field empty. type: string securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' type: boolean intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' type: integer type: object workloadIdentity: - description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. 
See https://aka.ms/aks/wi for more details. properties: enabled: - description: 'Enabled: Whether to enable workload identity.' type: boolean type: object type: object serviceMeshProfile: - description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' properties: istio: - description: 'Istio: Istio service mesh configuration.' properties: certificateAuthority: - description: |- - CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin - certificates as described here https://aka.ms/asm-plugin-ca properties: plugin: - description: 'Plugin: Plugin certificates information for Service Mesh.' properties: certChainObjectName: - description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' type: string certObjectName: - description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' type: string keyObjectName: - description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' type: string keyVaultId: - description: 'KeyVaultId: The resource ID of the Key Vault.' type: string rootCertObjectName: - description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string type: object type: object components: - description: 'Components: Istio components configuration.' properties: egressGateways: - description: 'EgressGateways: Istio egress gateways.' items: - description: Istio egress gateway configuration. properties: enabled: - description: 'Enabled: Whether to enable the egress gateway.' type: boolean nodeSelector: additionalProperties: type: string - description: 'NodeSelector: NodeSelector for scheduling the egress gateway.' type: object type: object type: array ingressGateways: - description: 'IngressGateways: Istio ingress gateways.' items: - description: |- - Istio ingress gateway configuration. 
For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: - description: 'Enabled: Whether to enable the ingress gateway.' type: boolean mode: - description: 'Mode: Mode of an ingress gateway.' type: string type: object type: array type: object revisions: - description: |- - Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. - When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: - https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string type: array type: object mode: - description: 'Mode: Mode of the service mesh.' type: string type: object servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. properties: clientId: - description: 'ClientId: The ID for the service principal.' type: string type: object sku: - description: 'Sku: The managed cluster SKU.' properties: name: - description: 'Name: The name of a managed cluster SKU.' type: string tier: - description: |- - Tier: If not specified, the default is 'Free'. See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. type: string type: object storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' properties: blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. 
The default value is true.' type: boolean type: object fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object supportPlan: - description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' type: string systemData: - description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' properties: createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' type: string createdBy: - description: 'CreatedBy: The identity that created the resource.' type: string createdByType: - description: 'CreatedByType: The type of identity that created the resource.' type: string lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' type: string lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' type: string lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' type: string type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object type: - description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading a cluster.' properties: overrideSettings: - description: 'OverrideSettings: Settings for overrides.' 
properties: forceUpgrade: - description: |- - ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade - protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: - description: |- - Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the - effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set - by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: adminUsername: - description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." - Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters type: string enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: - description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. 
- Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. type: string type: object workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' properties: keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable KEDA.' type: boolean type: object verticalPodAutoscaler: - description: 'VerticalPodAutoscaler: VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable VPA. Default value is false.' type: boolean type: object type: object 
@@ -16462,50 +11283,24 @@ spec: name: v1api20231001storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20231001.ManagedCluster - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20231001.ManagedCluster_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: |- - Storage version of v1api20231001.ManagedClusterAADProfile - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: 
@@ -16526,16 +11321,10 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20231001.ManagedClusterAddonProfile - A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: 
@@ -16547,73 +11336,45 @@ spec: type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20231001.ManagedClusterAgentPoolProfile - Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: type: string type: array capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: type: integer creationData: - description: |- - Storage version of v1api20231001.CreationData - Data used when creating a target resource from a source resource. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -16630,39 +11391,22 @@ spec: gpuInstanceProfile: type: string hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: |- - Storage version of v1api20231001.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: 
@@ -16692,30 +11436,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20231001.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20231001.SysctlConfig - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -16790,29 +11522,17 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20231001.AgentPoolNetworkProfile - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20231001.PortRange - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -16824,38 +11544,24 @@ spec: type: array applicationSecurityGroupsReferences: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20231001.IPTag - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string 
@@ -16869,25 +11575,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: 
@@ -16905,61 +11601,36 @@ spec: osType: type: string podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object powerState: - description: |- - Storage version of v1api20231001.PowerState - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: @@ -16977,16 +11648,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20231001.AgentPoolUpgradeSettings - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer 
@@ -16996,26 +11661,15 @@ spec: vmSize: type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object workloadRuntime: @@ -17023,16 +11677,10 @@ spec: type: object type: array apiServerAccessProfile: - description: |- - Storage version of v1api20231001.ManagedClusterAPIServerAccessProfile - Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: 
@@ -17048,14 +11696,10 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20231001.ManagedClusterProperties_AutoScalerProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string @@ -17093,16 +11737,10 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20231001.ManagedClusterAutoUpgradeProfile - Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object nodeOSUpgradeChannel: type: string 
@@ -17110,46 +11748,24 @@ spec: type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20231001.ManagedClusterAzureMonitorProfile - Azure Monitor addon profiles for monitoring the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metrics: - description: |- - Storage version of v1api20231001.ManagedClusterAzureMonitorProfileMetrics - Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: |- - Storage version of v1api20231001.ManagedClusterAzureMonitorProfileKubeStateMetrics - Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string 
@@ -17159,32 +11775,19 @@ spec: type: object type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string disableLocalAccounts: type: boolean diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object dnsPrefix: @@ -17194,16 +11797,10 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20231001.ExtendedLocation - The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -17213,16 +11810,10 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20231001.ManagedClusterHTTPProxyConfig - Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string 
@@ -17236,52 +11827,32 @@ spec: type: string type: object identity: - description: |- - Storage version of v1api20231001.ManagedClusterIdentity - Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object delegatedResources: additionalProperties: - description: |- - Storage version of v1api20231001.DelegatedResource - Delegated resource properties - internal use only. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object location: type: string referralResource: type: string resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object tenantId: 
@@ -17292,35 +11863,21 @@ spec: type: string userAssignedIdentities: items: - description: |- - Storage version of v1api20231001.UserAssignedIdentityDetails - Information about the user assigned identity for the resource properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -17328,31 +11885,18 @@ spec: type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20231001.UserAssignedIdentity - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string clientIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key 
@@ -17361,40 +11905,25 @@ spec: objectId: type: string objectIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -17402,43 +11931,25 @@ spec: kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20231001.ContainerServiceLinuxProfile - Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: |- - Storage version of v1api20231001.ContainerServiceSshConfiguration - SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: |- - Storage version of v1api20231001.ContainerServiceSshPublicKey - Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keyData: type: string @@ -17449,16 +11960,10 @@ spec: location: type: string networkProfile: - description: |- - Storage version of v1api20231001.ContainerServiceNetworkProfile - Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServiceIP: type: string 
@@ -17467,16 +11972,10 @@ spec: type: string type: array loadBalancerProfile: - description: |- - Storage version of v1api20231001.ManagedClusterLoadBalancerProfile - Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer @@ -17484,35 +11983,21 @@ spec: type: string effectiveOutboundIPs: items: - description: |- - Storage version of v1api20231001.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -17522,14 +12007,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -17537,92 +12018,56 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20231001.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object type: array type: object outboundIPs: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_OutboundIPs properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: |- - Storage version of v1api20231001.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -17632,48 +12077,28 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: |- - Storage version of v1api20231001.ManagedClusterNATGatewayProfile - Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: |- - Storage version of v1api20231001.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -17681,16 +12106,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20231001.ManagedClusterManagedOutboundIPProfile - Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -17724,55 +12143,28 @@ spec: nodeResourceGroup: type: string oidcIssuerProfile: - description: |- - Storage version of v1api20231001.ManagedClusterOIDCIssuerProfile - The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object operatorSpec: - description: |- - Storage version of v1api20231001.ManagedClusterOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. 
The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -17780,46 +12172,26 @@ spec: type: object type: array configMaps: - description: Storage version of v1api20231001.ManagedClusterOperatorConfigMaps properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object oidcIssuerProfile: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to: SecretDestination in secrets.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key - name type: object principalId: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to: SecretDestination in secrets.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -17828,27 +12200,12 @@ spec: type: object secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -17856,46 +12213,26 @@ spec: type: object type: array secrets: - description: Storage version of v1api20231001.ManagedClusterOperatorSecrets properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to: ConfigMapDestination in configmaps.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key - name type: object userCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to: ConfigMapDestination in configmaps.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key 
@@ -17906,30 +12243,18 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: - description: |- - Storage version of v1api20231001.ManagedClusterPodIdentityProfile - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean 
@@ -17937,45 +12262,26 @@ spec: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20231001.ManagedClusterPodIdentity - Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: |- - Storage version of v1api20231001.UserAssignedIdentity - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string clientIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key 
@@ -17984,40 +12290,25 @@ spec: objectId: type: string objectIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -18029,17 +12320,10 @@ spec: type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20231001.ManagedClusterPodIdentityException - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -18054,39 +12338,25 @@ spec: type: object privateLinkResources: items: - description: |- - Storage version of v1api20231001.PrivateLinkResource - A private link resource properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupId: type: string name: type: string reference: - description: 'Reference: The ID of the private link resource.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requiredMembers: 
@@ -18100,28 +12370,16 @@ spec: publicNetworkAccess: type: string securityProfile: - description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfile - Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: |- - Storage version of v1api20231001.AzureKeyVaultKms - Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -18130,91 +12388,51 @@ spec: keyVaultNetworkAccess: type: string keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object defender: - description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileDefender - Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object securityMonitoring: - description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileDefenderSecurityMonitoring - Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileImageCleaner - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -18222,69 +12440,38 @@ spec: type: integer type: object workloadIdentity: - description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileWorkloadIdentity - Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object serviceMeshProfile: - description: |- - Storage version of v1api20231001.ServiceMeshProfile - Service mesh profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object istio: - description: |- - Storage version of v1api20231001.IstioServiceMesh - Istio service mesh configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certificateAuthority: - description: |- - Storage version of v1api20231001.IstioCertificateAuthority - Istio Service Mesh Certificate Authority (CA) configuration. 
For now, we only support plugin certificates as described - here https://aka.ms/asm-plugin-ca properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object plugin: - description: |- - Storage version of v1api20231001.IstioPluginCertificateAuthority - Plugin certificates information for Service Mesh. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certChainObjectName: type: string @@ -18293,23 +12480,15 @@ spec: keyObjectName: type: string keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object rootCertObjectName: 
@@ -18317,29 +12496,17 @@ spec: type: object type: object components: - description: |- - Storage version of v1api20231001.IstioComponents - Istio components configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object egressGateways: items: - description: |- - Storage version of v1api20231001.IstioEgressGateway - Istio egress gateway configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -18351,17 +12518,10 @@ spec: type: array ingressGateways: items: - description: |- - Storage version of v1api20231001.IstioIngressGateway - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -18379,31 +12539,18 @@ spec: type: string type: object servicePrincipalProfile: - description: |- - Storage version of v1api20231001.ManagedClusterServicePrincipalProfile - Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string secret: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -18411,16 +12558,10 @@ spec: type: object type: object sku: - description: |- - Storage version of v1api20231001.ManagedClusterSKU - The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -18428,73 +12569,43 @@ spec: type: string type: object storageProfile: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfile - Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileBlobCSIDriver - AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileDiskCSIDriver - AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object fileCSIDriver: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileFileCSIDriver - AzureFile CSI Driver settings for the storage profile. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileSnapshotController - Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -18507,28 +12618,16 @@ spec: type: string type: object upgradeSettings: - description: |- - Storage version of v1api20231001.ClusterUpgradeSettings - Settings for upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object overrideSettings: - description: |- - Storage version of v1api20231001.UpgradeOverrideSettings - Settings for overrides when upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object forceUpgrade: type: boolean 
@@ -18537,29 +12636,16 @@ spec: type: object type: object windowsProfile: - description: |- - Storage version of v1api20231001.ManagedClusterWindowsProfile - Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminPassword: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -18570,16 +12656,10 @@ spec: enableCSIProxy: type: boolean gmsaProfile: - description: |- - Storage version of v1api20231001.WindowsGmsaProfile - Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string 
@@ -18592,43 +12672,25 @@ spec: type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfile - Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keda: - description: |- - Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileKeda - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object verticalPodAutoscaler: - description: |- - Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler - VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -18638,28 +12700,16 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20231001.ManagedCluster_STATUS - Managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: |- - Storage version of v1api20231001.ManagedClusterAADProfile_STATUS - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -18680,16 +12730,10 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20231001.ManagedClusterAddonProfile_STATUS - A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -18698,16 +12742,10 @@ spec: enabled: type: boolean identity: - description: |- - Storage version of v1api20231001.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string 
@@ -18720,16 +12758,10 @@ spec: type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20231001.ManagedClusterAgentPoolProfile_STATUS - Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: @@ -18740,16 +12772,10 @@ spec: count: type: integer creationData: - description: |- - Storage version of v1api20231001.CreationData_STATUS - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -18771,16 +12797,10 @@ spec: hostGroupID: type: string kubeletConfig: - description: |- - Storage version of v1api20231001.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: 
@@ -18810,30 +12830,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20231001.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20231001.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -18908,29 +12916,17 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20231001.AgentPoolNetworkProfile_STATUS - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20231001.PortRange_STATUS - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -18946,16 +12942,10 @@ spec: type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20231001.IPTag_STATUS - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -18989,16 +12979,10 @@ spec: podSubnetID: type: string powerState: - description: |- - Storage version of v1api20231001.PowerState_STATUS - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -19022,16 +13006,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20231001.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer @@ -19047,16 +13025,10 @@ spec: type: object type: array apiServerAccessProfile: - description: |- - Storage version of v1api20231001.ManagedClusterAPIServerAccessProfile_STATUS - Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: 
@@ -19072,14 +13044,10 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20231001.ManagedClusterProperties_AutoScalerProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string @@ -19117,16 +13085,10 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20231001.ManagedClusterAutoUpgradeProfile_STATUS - Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object nodeOSUpgradeChannel: type: string 
@@ -19134,46 +13096,24 @@ spec: type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20231001.ManagedClusterAzureMonitorProfile_STATUS - Azure Monitor addon profiles for monitoring the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metrics: - description: |- - Storage version of v1api20231001.ManagedClusterAzureMonitorProfileMetrics_STATUS - Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: |- - Storage version of v1api20231001.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS - Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string 
@@ -19186,39 +13126,22 @@ spec: type: string conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -19240,16 +13163,10 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20231001.ExtendedLocation_STATUS - The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -19261,16 +13178,10 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20231001.ManagedClusterHTTPProxyConfig_STATUS - Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string @@ -19286,29 +13197,17 @@ spec: id: type: string identity: - description: |- - Storage version of v1api20231001.ManagedClusterIdentity_STATUS - Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object delegatedResources: additionalProperties: - description: |- - Storage version of v1api20231001.DelegatedResource_STATUS - Delegated resource properties - internal use only. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object location: type: string 
@@ -19328,14 +13227,10 @@ spec: type: string userAssignedIdentities: additionalProperties: - description: Storage version of v1api20231001.ManagedClusterIdentity_UserAssignedIdentities_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -19346,16 +13241,10 @@ spec: type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20231001.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string 
@@ -19368,43 +13257,25 @@ spec: kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20231001.ContainerServiceLinuxProfile_STATUS - Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: |- - Storage version of v1api20231001.ContainerServiceSshConfiguration_STATUS - SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: |- - Storage version of v1api20231001.ContainerServiceSshPublicKey_STATUS - Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keyData: type: string @@ -19419,16 +13290,10 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20231001.ContainerServiceNetworkProfile_STATUS - Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServiceIP: type: string 
@@ -19437,16 +13302,10 @@ spec: type: string type: array loadBalancerProfile: - description: |- - Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_STATUS - Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer @@ -19454,16 +13313,10 @@ spec: type: string effectiveOutboundIPs: items: - description: |- - Storage version of v1api20231001.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -19474,14 +13327,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -19489,27 +13338,17 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20231001.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -19517,27 +13356,17 @@ spec: type: array type: object outboundIPs: - description: Storage version of v1api20231001.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: |- - Storage version of v1api20231001.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -19548,29 +13377,17 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: |- - Storage version of v1api20231001.ManagedClusterNATGatewayProfile_STATUS - Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: |- - Storage version of v1api20231001.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -19579,16 +13396,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20231001.ManagedClusterManagedOutboundIPProfile_STATUS - Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -19622,16 +13433,10 @@ spec: nodeResourceGroup: type: string oidcIssuerProfile: - description: |- - Storage version of v1api20231001.ManagedClusterOIDCIssuerProfile_STATUS - The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -19639,17 +13444,10 @@ spec: type: string type: object podIdentityProfile: - description: |- - Storage version of v1api20231001.ManagedClusterPodIdentityProfile_STATUS - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean @@ -19657,30 +13455,18 @@ spec: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20231001.ManagedClusterPodIdentity_STATUS - Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: |- - Storage version of v1api20231001.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string 
@@ -19694,51 +13480,31 @@ spec: namespace: type: string provisioningInfo: - description: Storage version of v1api20231001.ManagedClusterPodIdentity_ProvisioningInfo_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object error: - description: |- - Storage version of v1api20231001.ManagedClusterPodIdentityProvisioningError_STATUS - An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object error: - description: |- - Storage version of v1api20231001.ManagedClusterPodIdentityProvisioningErrorBody_STATUS - An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string details: items: - description: Storage version of v1api20231001.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string 
@@ -19761,17 +13527,10 @@ spec: type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20231001.ManagedClusterPodIdentityException_STATUS - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -19785,16 +13544,10 @@ spec: type: array type: object powerState: - description: |- - Storage version of v1api20231001.PowerState_STATUS - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -19803,16 +13556,10 @@ spec: type: string privateLinkResources: items: - description: |- - Storage version of v1api20231001.PrivateLinkResource_STATUS - A private link resource properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupId: type: string 
@@ -19837,28 +13584,16 @@ spec: resourceUID: type: string securityProfile: - description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfile_STATUS - Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: |- - Storage version of v1api20231001.AzureKeyVaultKms_STATUS - Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -19870,47 +13605,28 @@ spec: type: string type: object defender: - description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileDefender_STATUS - Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceId: type: string securityMonitoring: - description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS - Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileImageCleaner_STATUS - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -19918,69 +13634,38 @@ spec: type: integer type: object workloadIdentity: - description: |- - Storage version of v1api20231001.ManagedClusterSecurityProfileWorkloadIdentity_STATUS - Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object serviceMeshProfile: - description: |- - Storage version of v1api20231001.ServiceMeshProfile_STATUS - Service mesh profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object istio: - description: |- - Storage version of v1api20231001.IstioServiceMesh_STATUS - Istio service mesh configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certificateAuthority: - description: |- - Storage version of v1api20231001.IstioCertificateAuthority_STATUS - Istio Service Mesh Certificate Authority (CA) configuration. 
For now, we only support plugin certificates as described - here https://aka.ms/asm-plugin-ca properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object plugin: - description: |- - Storage version of v1api20231001.IstioPluginCertificateAuthority_STATUS - Plugin certificates information for Service Mesh. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certChainObjectName: type: string @@ -19995,29 +13680,17 @@ spec: type: object type: object components: - description: |- - Storage version of v1api20231001.IstioComponents_STATUS - Istio components configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object egressGateways: items: - description: |- - Storage version of v1api20231001.IstioEgressGateway_STATUS - Istio egress gateway configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -20029,17 +13702,10 @@ spec: type: array ingressGateways: items: - description: |- - Storage version of v1api20231001.IstioIngressGateway_STATUS - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -20057,31 +13723,19 @@ spec: type: string type: object servicePrincipalProfile: - description: |- - Storage version of v1api20231001.ManagedClusterServicePrincipalProfile_STATUS - Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string type: object sku: - description: |- - Storage version of v1api20231001.ManagedClusterSKU_STATUS - The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -20089,73 +13743,43 @@ spec: type: string type: object storageProfile: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfile_STATUS - Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileBlobCSIDriver_STATUS - AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileDiskCSIDriver_STATUS - AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object fileCSIDriver: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileFileCSIDriver_STATUS - AzureFile CSI Driver settings for the storage profile. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: |- - Storage version of v1api20231001.ManagedClusterStorageProfileSnapshotController_STATUS - Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -20164,16 +13788,10 @@ spec: supportPlan: type: string systemData: - description: |- - Storage version of v1api20231001.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object createdAt: type: string 
@@ -20195,28 +13813,16 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20231001.ClusterUpgradeSettings_STATUS - Settings for upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object overrideSettings: - description: |- - Storage version of v1api20231001.UpgradeOverrideSettings_STATUS - Settings for overrides when upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object forceUpgrade: type: boolean @@ -20225,32 +13831,20 @@ spec: type: object type: object windowsProfile: - description: |- - Storage version of v1api20231001.ManagedClusterWindowsProfile_STATUS - Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: |- - Storage version of v1api20231001.WindowsGmsaProfile_STATUS - Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string 
@@ -20263,43 +13857,25 @@ spec: type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfile_STATUS - Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keda: - description: |- - Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object verticalPodAutoscaler: - description: |- - Storage version of v1api20231001.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS - VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -20327,197 +13903,108 @@ spec: name: v1api20240402preview schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' properties: adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. 
Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. properties: config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean required: - enabled type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' items: - description: Profile for the container service agent pool. properties: artifactStreamingProfile: - description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' properties: enabled: - description: |- - Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use - this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. type: boolean type: object availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableCustomCATrust: - description: |- - EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a - daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded - certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gatewayProfile: - description: |- - GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is - not Gateway. properties: publicIPPrefixSize: - description: |- - PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide - public egress. The size of Public IPPrefix should be selected by the user. 
Each node in the agent pool is assigned with - one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure - public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 - nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. maximum: 31 minimum: 28 type: integer type: object gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' enum: - MIG1g - MIG2g 
@@ -20526,262 +14013,160 @@ spec: - MIG7g type: string gpuProfile: - description: 'GpuProfile: The GPU settings of an agent pool.' properties: installGPUDriver: - description: |- - InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU - Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents - automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver - installation themselves. type: boolean type: object hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' 
items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. 
type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. enum: - OS - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' 
type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' maximum: 90 minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' maximum: 524288 minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' maximum: 2097152 minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' 
type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: |- - MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of - the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., - will be printed raw and not be executed as a script). type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - Gateway - System - User type: string name: - description: 'Name: Windows agent pool names must be 6 characters or less.' pattern: ^[a-z][a-z0-9]{0,11}$ type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' 
items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. maximum: 65535 minimum: 1 type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. maximum: 65535 minimum: 1 type: integer protocol: - description: 'Protocol: The network protocol of the port.' enum: - TCP - UDP 
@@ -20789,114 +14174,65 @@ spec: type: object type: array applicationSecurityGroupsReferences: - description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object nodeInitializationTaints: - description: |- - NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field - can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that - requires recreation (e.g. node image upgrade) happens. 
These taints allow for required configuration to run before the - node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint - nodes node1 key1=value1:NoSchedule-` items: type: string type: array nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version and are supported. When is - specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same - once it has been created will not trigger an upgrade, even if a newer patch version is available. 
As a - best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version - must have the same major version as the control plane. The node pool minor version must be within two minor versions of - the control plane version. The node pool version cannot be greater than the control plane version. For more information - see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or - Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is - deprecated. enum: - AzureLinux - CBLMariner 
@@ -20907,163 +14243,99 @@ spec: - WindowsAnnual type: string osType: - description: 'OsType: The operating system type. The default is Linux.' enum: - Linux - Windows type: string podIPAllocationMode: - description: |- - PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is - 'DynamicIndividual'. enum: - DynamicIndividual - StaticBlock type: string podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. 
An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' enum: - Running - Stopped type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' enum: - Deallocate - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. enum: - Deallocate - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' enum: - Regular - Spot type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' 
properties: enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' enum: - Disabled - LocalUser type: string type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' enum: - AvailabilitySet - VirtualMachineScaleSets - VirtualMachines type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. maximum: 1440 minimum: 1 type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. 
For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. maximum: 30 minimum: 0 type: integer undrainableNodeBehavior: - description: |- - UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable - nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the - remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. enum: - Cordon - Schedule 
@@ -21071,58 +14343,36 @@ spec: type: object virtualMachineNodesStatus: items: - description: Current status on a group of nodes of the same vm size. properties: count: - description: 'Count: Number of nodes.' type: integer size: - description: 'Size: The VM size of the agents used to host this group of nodes.' type: string type: object type: array virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' properties: scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' properties: autoscale: - description: |- - Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, - at most one AutoScaleProfile is allowed. items: - description: Specifications on auto-scaling. properties: maxCount: - description: 'MaxCount: The maximum number of nodes of the specified sizes.' type: integer minCount: - description: 'MinCount: The minimum number of nodes of the specified sizes.' type: integer sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the - first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS - will use the next size. items: type: string type: array type: object type: array manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' items: - description: Specifications on number of machines. properties: count: - description: 'Count: Number of nodes.' type: integer sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the - first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will - use the next size. items: type: string type: array 
@@ -21131,45 +14381,25 @@ spec: type: object type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: |- - DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. 
type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' enum: - KataMshvVmIsolation - OCIContainer 
@@ -21180,69 +14410,38 @@ spec: type: object type: array aiToolchainOperatorProfile: - description: 'AiToolchainOperatorProfile: AI toolchain operator settings that apply to the whole cluster.' properties: enabled: - description: 'Enabled: Indicates if AI toolchain operator enabled or not.' type: boolean type: object apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean enableVnetIntegration: - description: 'EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.' type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The default is System. For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. type: string subnetId: - description: |- - SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable - apiserver vnet integration. 
type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' properties: balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string daemonset-eviction-for-empty-nodes: - description: |- - DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the - node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be - deleted without ensuring that daemonset pods are deleted or evicted. type: boolean daemonset-eviction-for-occupied-nodes: - description: |- - DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion - of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node - will be deleted without ensuring that daemonset pods are deleted or evicted. type: boolean expander: - description: 'Expander: Available values are: ''least-waste'', ''most-pods'', ''priority'', ''random''.' enum: - least-waste - most-pods 
@@ -21250,76 +14449,41 @@ spec: - random type: string ignore-daemonsets-utilization: - description: |- - IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making - scaling down decisions. type: boolean max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' type: string max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. 
type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' type: string skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: nodeOSUpgradeChannel: - description: 'NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.' enum: - NodeImage - None @@ -21327,9 +14491,6 @@ spec: - Unmanaged type: string upgradeChannel: - description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). enum: - node-image - none 
@@ -21339,115 +14500,61 @@ spec: type: string type: object azureMonitorProfile: - description: 'AzureMonitorProfile: Prometheus addon profile for the container service cluster' properties: appMonitoring: - description: |- - AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics - and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: autoInstrumentation: - description: |- - AutoInstrumentation: Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook - to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the - application. See aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: enabled: - description: 'Enabled: Indicates if Application Monitoring Auto Instrumentation is enabled or not.' type: boolean type: object openTelemetryLogs: - description: |- - OpenTelemetryLogs: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and - Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: enabled: - description: 'Enabled: Indicates if Application Monitoring Open Telemetry Logs and traces is enabled or not.' type: boolean port: - description: 'Port: The Open Telemetry host port for Open Telemetry logs and traces. If not specified, the default port is 28331.' type: integer type: object openTelemetryMetrics: - description: |- - OpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container - Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. 
See - aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: enabled: - description: 'Enabled: Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.' type: boolean port: - description: 'Port: The Open Telemetry host port for Open Telemetry metrics. If not specified, the default port is 28333.' type: integer type: object type: object containerInsights: - description: |- - ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & - stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. properties: disableCustomMetrics: - description: |- - DisableCustomMetrics: Indicates whether custom metrics collection has to be disabled or not. If not specified the - default is false. No custom metrics will be emitted if this field is false but the container insights enabled field is - false type: boolean disablePrometheusMetricsScraping: - description: |- - DisablePrometheusMetricsScraping: Indicates whether prometheus metrics scraping is disabled or not. If not specified the - default is false. No prometheus metrics will be emitted if this field is false but the container insights enabled field - is false type: boolean enabled: - description: 'Enabled: Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.' type: boolean logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing - Azure Monitor Container Insights Logs. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object syslogPort: - description: 'SyslogPort: The syslog host port. If not specified, the default port is 28330.' type: integer type: object metrics: - description: 'Metrics: Metrics profile for the prometheus service addon' properties: enabled: - description: 'Enabled: Whether to enable the Prometheus collector' type: boolean kubeStateMetrics: - description: 'KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster' properties: metricAnnotationsAllowList: - description: |- - MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric. type: string metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels - metric. type: string type: object required: 
@@ -21455,226 +14562,136 @@ spec: type: object type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. maxLength: 63 minLength: 1 pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string bootstrapProfile: - description: 'BootstrapProfile: Profile of the cluster bootstrap configuration.' properties: artifactSource: - description: 'ArtifactSource: The source where the artifacts are downloaded from.' enum: - Cache - Direct type: string containerRegistryReference: - description: |- - ContainerRegistryReference: The resource Id of Azure Container Registry. The registry must have private network access, - premium SKU and zone redundancy. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a - snapshot. properties: sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string enableNamespaceResources: - description: |- - EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed - cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as - a ARM Resource. type: boolean enablePodSecurityPolicy: - description: |- - EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was - deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and - https://aka.ms/aks/psp. type: boolean enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' enum: - EdgeZone type: string type: object fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' 
type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object identity: - description: 'Identity: The identity of the managed cluster, if configured.' properties: delegatedResources: additionalProperties: - description: Delegated resource properties - internal use only. properties: location: - description: 'Location: The source resource location - internal use only.' type: string referralResource: - description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' type: string resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object tenantId: - description: 'TenantId: The tenant id of the delegated resource - internal use only.' 
pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ type: string type: object - description: |- - DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another - Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object type: - description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). enum: - None - SystemAssigned - UserAssigned type: string userAssignedIdentities: - description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. items: - description: Information about the user assigned identity for the resource properties: reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -21682,133 +14699,82 @@ spec: type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string clientIdFromConfig: - description: 'ClientIdFromConfig: The client ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string objectIdFromConfig: - description: 'ObjectIdFromConfig: The object ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object - description: 'IdentityProfile: Identities associated with the cluster.' type: object ingressProfile: - description: 'IngressProfile: Ingress profile for the managed cluster.' properties: webAppRouting: - description: 'WebAppRouting: Web App Routing settings for the ingress profile.' properties: dnsZoneResourceReferences: - description: |- - DnsZoneResourceReferences: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only - when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS - zones must be in the same resource group and all private DNS zones must be in the same resource group. items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array enabled: - description: 'Enabled: Whether to enable Web App Routing.' 
type: boolean type: object type: object kind: - description: 'Kind: This is primarily used to expose different UI experiences in the portal for different kinds' type: string kubernetesVersion: - description: |- - KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades - must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> - 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' properties: adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' pattern: ^[A-Za-z][-A-Za-z0-9_]*$ type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' properties: publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. properties: keyData: - description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. type: string required: - keyData 
@@ -21822,228 +14788,144 @@ spec: - ssh type: object location: - description: 'Location: The geo-location where the resource lives' type: string metricsProfile: - description: 'MetricsProfile: Optional cluster metrics configuration.' properties: costAnalysis: - description: 'CostAnalysis: The cost analysis configuration for the cluster' properties: enabled: - description: |- - Enabled: The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable this feature. Enabling this will - add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the - default is false. For more information see aka.ms/aks/docs/cost-analysis. type: boolean type: object type: object networkProfile: - description: 'NetworkProfile: The network configuration profile.' properties: advancedNetworking: - description: |- - AdvancedNetworking: Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced - networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking. properties: observability: - description: 'Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.' properties: enabled: - description: 'Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.' type: boolean type: object type: object dnsServiceIP: - description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string ipFamilies: - description: |- - IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value - is IPv4. For dual-stack, the expected values are IPv4 and IPv6. 
items: - description: To determine if address belongs IPv4 or IPv6 family. enum: - IPv4 - IPv6 type: string type: array kubeProxyConfig: - description: |- - KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy - defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ - where is represented by a - string. Kubernetes version 1.23 would be '1-23'. properties: enabled: - description: |- - Enabled: Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by - default without these customizations). type: boolean ipvsConfig: - description: 'IpvsConfig: Holds configuration customizations for IPVS. May only be specified if ''mode'' is set to ''IPVS''.' properties: scheduler: - description: 'Scheduler: IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.' enum: - LeastConnection - RoundRobin type: string tcpFinTimeoutSeconds: - description: |- - TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive - integer value. type: integer tcpTimeoutSeconds: - description: 'TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.' type: integer udpTimeoutSeconds: - description: 'UdpTimeoutSeconds: The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.' type: integer type: object mode: - description: 'Mode: Specify which proxy mode to use (''IPTABLES'' or ''IPVS'')' enum: - IPTABLES - IPVS type: string type: object loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). 
The default value is 0 which results in Azure dynamically allocating ports. maximum: 64000 minimum: 0 type: integer backendPoolType: - description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' enum: - NodeIP - NodeIPConfiguration type: string clusterServiceLoadBalancerHealthProbeMode: - description: 'ClusterServiceLoadBalancerHealthProbeMode: The health probing behavior for External Traffic Policy Cluster services.' enum: - ServiceNodePort - Shared type: string effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. 
maximum: 120 minimum: 4 type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. maximum: 100 minimum: 1 type: integer countIPv6: - description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. maximum: 100 minimum: 0 type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' properties: publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' properties: publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -22051,89 +14933,62 @@ spec: type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. enum: - basic - standard type: string natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' properties: effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 4 minutes. maximum: 120 minimum: 4 type: integer managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' 
properties: count: - description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. maximum: 16 minimum: 1 type: integer type: object type: object networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' enum: - azure - cilium type: string networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' enum: - bridge - transparent type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' enum: - azure - kubenet - none type: string networkPluginMode: - description: 'NetworkPluginMode: Network plugin mode used for building the Kubernetes network.' enum: - overlay type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' enum: - azure - calico @@ -22141,9 +14996,6 @@ spec: - none type: string outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). enum: - loadBalancer - managedNATGateway 
@@ -22152,106 +15004,63 @@ spec: - userDefinedRouting type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: - description: |- - PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. items: type: string type: array podLinkLocalAccess: - description: |- - PodLinkLocalAccess: Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods - with hostNetwork=false. if not specified, the default is 'IMDS'. enum: - IMDS - None type: string serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: - description: |- - ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array staticEgressGatewayProfile: - description: |- - StaticEgressGatewayProfile: The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, - see https://aka.ms/aks/static-egress-gateway. properties: enabled: - description: 'Enabled: Indicates if Static Egress Gateway addon is enabled or not.' type: boolean type: object type: object nodeProvisioningProfile: - description: 'NodeProvisioningProfile: Node provisioning settings that apply to the whole cluster.' properties: mode: - description: 'Mode: Once the mode it set to Auto, it cannot be changed back to Manual.' 
enum: - Auto - Manual type: string type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string nodeResourceGroupProfile: - description: 'NodeResourceGroupProfile: The node resource group configuration profile.' properties: restrictionLevel: - description: 'RestrictionLevel: The restriction level applied to the cluster''s node resource group' enum: - ReadOnly - Unrestricted type: string type: object oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' properties: enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean type: object operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -22259,20 +15068,12 @@ spec: type: object type: array configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' properties: oidcIssuerProfile: - description: |- - OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be - created. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -22280,29 +15081,13 @@ spec: type: object type: object secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -22310,37 +15095,22 @@ spec: type: object type: array secrets: - description: 'Secrets: configures where to place Azure generated secrets.' properties: adminCredentials: - description: |- - AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key - name type: object userCredentials: - description: |- - UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key 
@@ -22349,106 +15119,66 @@ spec: type: object type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: - description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. properties: bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' 
type: string clientIdFromConfig: - description: 'ClientIdFromConfig: The client ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string objectIdFromConfig: - description: 'ObjectIdFromConfig: The object ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object name: - description: 'Name: The name of the pod identity.' 
type: string namespace: - description: 'Namespace: The namespace of the pod identity.' type: string required: - identity @@ -22457,22 +15187,15 @@ spec: type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: |- - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' type: object required: - name 
@@ -22482,285 +15205,177 @@ spec: type: array type: object privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: A private link resource properties: groupId: - description: 'GroupId: The group ID of the resource.' type: string name: - description: 'Name: The name of the private link resource.' type: string reference: - description: 'Reference: The ID of the private link resource.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' 
type: string type: object type: array publicNetworkAccess: - description: 'PublicNetworkAccess: Allow or deny public network access for AKS' enum: - Disabled - Enabled - SecuredByPerimeter type: string safeguardsProfile: - description: 'SafeguardsProfile: The Safeguards profile holds all the safeguards information for a given cluster' properties: excludedNamespaces: - description: 'ExcludedNamespaces: List of namespaces excluded from Safeguards checks' items: type: string type: array level: - description: |- - Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS - excludes via systemExcludedNamespaces enum: - Enforcement - "Off" - Warning type: string version: - description: 'Version: The version of constraints to use' type: string required: - level type: object securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the - key vault allows public access from all networks. 
`Private` means the key vault disables public access and enables - private link. The default value is `Public`. enum: - Private - Public type: string keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object customCATrustCertificates: - description: |- - CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the - Custom CA Trust feature enabled. For more information see [Custom CA Trust - Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority) items: type: string maxItems: 10 minItems: 0 type: array defender: - description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. 
When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' type: boolean intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' type: integer type: object imageIntegrity: - description: |- - ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This - will not have any effect unless Azure Policy is applied to enforce image signatures. See - https://aka.ms/aks/image-integrity for how to use this feature via policy. properties: enabled: - description: 'Enabled: Whether to enable image integrity. 
The default value is false.' type: boolean type: object nodeRestriction: - description: |- - NodeRestriction: [Node - Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings - for the security profile. properties: enabled: - description: 'Enabled: Whether to enable Node Restriction' type: boolean type: object workloadIdentity: - description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: - description: 'Enabled: Whether to enable workload identity.' type: boolean type: object type: object serviceMeshProfile: - description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' properties: istio: - description: 'Istio: Istio service mesh configuration.' properties: certificateAuthority: - description: |- - CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin - certificates as described here https://aka.ms/asm-plugin-ca properties: plugin: - description: 'Plugin: Plugin certificates information for Service Mesh.' properties: certChainObjectName: - description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' type: string certObjectName: - description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' type: string keyObjectName: - description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' type: string keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object rootCertObjectName: - description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string type: object type: object components: - description: 'Components: Istio components configuration.' properties: egressGateways: - description: 'EgressGateways: Istio egress gateways.' items: - description: Istio egress gateway configuration. properties: enabled: - description: 'Enabled: Whether to enable the egress gateway.' type: boolean required: - enabled type: object type: array ingressGateways: - description: 'IngressGateways: Istio ingress gateways.' items: - description: |- - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: - description: 'Enabled: Whether to enable the ingress gateway.' type: boolean mode: - description: 'Mode: Mode of an ingress gateway.' enum: - External - Internal 
@@ -22772,17 +15387,12 @@ spec: type: array type: object revisions: - description: |- - Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. - When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: - https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string maxItems: 2 type: array type: object mode: - description: 'Mode: Mode of the service mesh.' enum: - Disabled - Istio @@ -22791,23 +15401,14 @@ spec: - mode type: object servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. properties: clientId: - description: 'ClientId: The ID for the service principal.' type: string secret: - description: 'Secret: The secret password associated with the service principal in plain text.' properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -22817,18 +15418,13 @@ spec: - clientId type: object sku: - description: 'Sku: The managed cluster SKU.' properties: name: - description: 'Name: The name of a managed cluster SKU.' enum: - Automatic - Base type: string tier: - description: |- - Tier: If not specified, the default is 'Free'. See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. enum: - Free - Premium 
@@ -22836,42 +15432,31 @@ spec: type: string type: object storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' properties: blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' type: boolean version: - description: 'Version: The version of AzureDisk CSI Driver. The default value is v1.' type: string type: object fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object supportPlan: - description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' enum: - AKSLongTermSupport - KubernetesOfficial 
@@ -22879,91 +15464,43 @@ spec: tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading a cluster.' properties: overrideSettings: - description: 'OverrideSettings: Settings for overrides.' properties: forceUpgrade: - description: |- - ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade - protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: - description: |- - Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the - effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set - by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: adminPassword: - description: |- - AdminPassword: Specifies the password of the administrator account. - Minimum-length: 8 characters - Max-length: 123 characters - Complexity requirements: 3 out of 4 conditions below need to be fulfilled - Has lower characters - Has upper characters - Has a digit - Has a special character (Regex match [\W_]) - Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", - "Password22", "iloveyou!" properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key - name type: object adminUsername: - description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." 
- Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters type: string enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: - description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. enum: - None - Windows_Server @@ -22972,13 +15509,10 @@ spec: - adminUsername type: object workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' properties: keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable KEDA.' type: boolean required: - enabled 
@@ -22986,13 +15520,11 @@ spec: verticalPodAutoscaler: properties: addonAutoscaling: - description: 'AddonAutoscaling: Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.' enum: - Disabled - Enabled type: string enabled: - description: 'Enabled: Whether to enable VPA add-on in cluster. Default value is false.' type: boolean required: - enabled 
@@ -23003,612 +15535,338 @@ spec: - owner type: object status: - description: Managed cluster. properties: aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' properties: adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. properties: config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean identity: - description: 'Identity: Information of user assigned identity used by this add-on.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' 
type: string type: object type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' items: - description: Profile for the container service agent pool. properties: artifactStreamingProfile: - description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' properties: enabled: - description: |- - Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use - this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. type: boolean type: object availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be - exactly equal to it. If orchestratorVersion was , this field will contain the full - version being used. 
type: string eTag: - description: |- - ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is - updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic - concurrency per the normal etag convention. type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableCustomCATrust: - description: |- - EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a - daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded - certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gatewayProfile: - description: |- - GatewayProfile: Profile specific to a managed agent pool in Gateway mode. 
This field cannot be set if agent pool mode is - not Gateway. properties: publicIPPrefixSize: - description: |- - PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide - public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with - one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure - public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 - nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. type: integer type: object gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string gpuProfile: - description: 'GpuProfile: The GPU settings of an agent pool.' properties: installGPUDriver: - description: |- - InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU - Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents - automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver - installation themselves. type: boolean type: object hostGroupID: - description: |- - HostGroupID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' 
items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. 
type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' 
type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. 
For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: |- - MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of - the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., - will be printed raw and not be executed as a script). type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: - description: 'Name: Windows agent pool names must be 6 characters or less.' type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. 
type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. type: integer protocol: - description: 'Protocol: The network protocol of the port.' type: string type: object type: array applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' items: type: string type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object nodeImageVersion: - description: 'NodeImageVersion: The version of node image' type: string nodeInitializationTaints: - description: |- - NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field - can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that - requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the - node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint - nodes node1 key1=value1:NoSchedule-` items: type: string type: array nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' 
type: object nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version and are supported. When is - specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same - once it has been created will not trigger an upgrade, even if a newer patch version is available. As a - best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version - must have the same major version as the control plane. The node pool minor version must be within two minor versions of - the control plane version. The node pool version cannot be greater than the control plane version. For more information - see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or - Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is - deprecated. type: string osType: - description: 'OsType: The operating system type. The default is Linux.' 
type: string podIPAllocationMode: - description: |- - PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is - 'DynamicIndividual'. type: string podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' type: string proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' 
properties: enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' type: string type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. 
For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. type: integer undrainableNodeBehavior: - description: |- - UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable - nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the - remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. type: string type: object virtualMachineNodesStatus: items: - description: Current status on a group of nodes of the same vm size. properties: count: - description: 'Count: Number of nodes.' type: integer size: - description: 'Size: The VM size of the agents used to host this group of nodes.' type: string type: object type: array virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' properties: scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' properties: autoscale: - description: |- - Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, - at most one AutoScaleProfile is allowed. items: - description: Specifications on auto-scaling. properties: maxCount: - description: 'MaxCount: The maximum number of nodes of the specified sizes.' type: integer minCount: - description: 'MinCount: The minimum number of nodes of the specified sizes.' type: integer sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. 
AKS will use the - first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS - will use the next size. items: type: string type: array type: object type: array manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' items: - description: Specifications on number of machines. properties: count: - description: 'Count: Number of nodes.' type: integer sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the - first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will - use the next size. items: type: string type: array 
@@ -23617,325 +15875,169 @@ spec: type: object type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: |- - DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: array aiToolchainOperatorProfile: - description: 'AiToolchainOperatorProfile: AI toolchain operator settings that apply to the whole cluster.' properties: enabled: - description: 'Enabled: Indicates if AI toolchain operator enabled or not.' type: boolean type: object apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. 
For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean enableVnetIntegration: - description: 'EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.' type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The default is System. For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. type: string subnetId: - description: |- - SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable - apiserver vnet integration. type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' properties: balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string daemonset-eviction-for-empty-nodes: - description: |- - DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the - node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be - deleted without ensuring that daemonset pods are deleted or evicted. 
type: boolean daemonset-eviction-for-occupied-nodes: - description: |- - DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion - of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node - will be deleted without ensuring that daemonset pods are deleted or evicted. type: boolean expander: - description: 'Expander: Available values are: ''least-waste'', ''most-pods'', ''priority'', ''random''.' type: string ignore-daemonsets-utilization: - description: |- - IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making - scaling down decisions. type: boolean max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' type: string max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. 
No unit of time other than - minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' type: string skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: nodeOSUpgradeChannel: - description: 'NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.' type: string upgradeChannel: - description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). 
type: string type: object azureMonitorProfile: - description: 'AzureMonitorProfile: Prometheus addon profile for the container service cluster' properties: appMonitoring: - description: |- - AppMonitoring: Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics - and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: autoInstrumentation: - description: |- - AutoInstrumentation: Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook - to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the - application. See aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: enabled: - description: 'Enabled: Indicates if Application Monitoring Auto Instrumentation is enabled or not.' type: boolean type: object openTelemetryLogs: - description: |- - OpenTelemetryLogs: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and - Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: enabled: - description: 'Enabled: Indicates if Application Monitoring Open Telemetry Logs and traces is enabled or not.' type: boolean port: - description: 'Port: The Open Telemetry host port for Open Telemetry logs and traces. If not specified, the default port is 28331.' type: integer type: object openTelemetryMetrics: - description: |- - OpenTelemetryMetrics: Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container - Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. 
properties: enabled: - description: 'Enabled: Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.' type: boolean port: - description: 'Port: The Open Telemetry host port for Open Telemetry metrics. If not specified, the default port is 28333.' type: integer type: object type: object containerInsights: - description: |- - ContainerInsights: Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & - stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview. properties: disableCustomMetrics: - description: |- - DisableCustomMetrics: Indicates whether custom metrics collection has to be disabled or not. If not specified the - default is false. No custom metrics will be emitted if this field is false but the container insights enabled field is - false type: boolean disablePrometheusMetricsScraping: - description: |- - DisablePrometheusMetricsScraping: Indicates whether prometheus metrics scraping is disabled or not. If not specified the - default is false. No prometheus metrics will be emitted if this field is false but the container insights enabled field - is false type: boolean enabled: - description: 'Enabled: Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.' type: boolean logAnalyticsWorkspaceResourceId: - description: |- - LogAnalyticsWorkspaceResourceId: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure - Monitor Container Insights Logs. type: string syslogPort: - description: 'SyslogPort: The syslog host port. If not specified, the default port is 28330.' 
type: integer type: object metrics: - description: 'Metrics: Metrics profile for the prometheus service addon' properties: enabled: - description: 'Enabled: Whether to enable the Prometheus collector' type: boolean kubeStateMetrics: - description: 'KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster' properties: metricAnnotationsAllowList: - description: |- - MetricAnnotationsAllowList: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric. type: string metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels - metric. type: string type: object type: object type: object azurePortalFQDN: - description: |- - AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some - responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure - Portal to function properly. type: string bootstrapProfile: - description: 'BootstrapProfile: Profile of the cluster bootstrap configuration.' properties: artifactSource: - description: 'ArtifactSource: The source where the artifacts are downloaded from.' type: string containerRegistryId: - description: |- - ContainerRegistryId: The resource Id of Azure Container Registry. The registry must have private network access, premium - SKU and zone redundancy. type: string type: object conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. 
This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -23945,1018 +16047,615 @@ spec: type: object type: array creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a - snapshot. properties: sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentKubernetesVersion: - description: 'CurrentKubernetesVersion: The version of Kubernetes the Managed Cluster is running.' type: string disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetID: - description: |- - DiskEncryptionSetID: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' type: string dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string eTag: - description: |- - ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is - updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic - concurrency per the normal etag convention. type: string enableNamespaceResources: - description: |- - EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed - cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as - a ARM Resource. 
type: boolean enablePodSecurityPolicy: - description: |- - EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was - deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and - https://aka.ms/aks/psp. type: boolean enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' type: string type: object fqdn: - description: 'Fqdn: The FQDN of the master pool.' type: string fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: effectiveNoProxy: - description: |- - EffectiveNoProxy: A read-only list of all endpoints for which traffic should not be sent to the proxy. This list is a - superset of noProxy and values injected by AKS. items: type: string type: array httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object id: - description: |- - Id: Fully qualified resource ID for the resource. E.g. 
- "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" type: string identity: - description: 'Identity: The identity of the managed cluster, if configured.' properties: delegatedResources: additionalProperties: - description: Delegated resource properties - internal use only. properties: location: - description: 'Location: The source resource location - internal use only.' type: string referralResource: - description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' type: string resourceId: - description: 'ResourceId: The ARM resource id of the delegated resource - internal use only.' type: string tenantId: - description: 'TenantId: The tenant id of the delegated resource - internal use only.' type: string type: object - description: |- - DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another - Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object principalId: - description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' type: string tenantId: - description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' type: string type: - description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). type: string userAssignedIdentities: additionalProperties: properties: clientId: - description: 'ClientId: The client id of user assigned identity.' type: string principalId: - description: 'PrincipalId: The principal id of user assigned identity.' 
type: string type: object - description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. type: object type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' type: string type: object - description: 'IdentityProfile: Identities associated with the cluster.' type: object ingressProfile: - description: 'IngressProfile: Ingress profile for the managed cluster.' properties: webAppRouting: - description: 'WebAppRouting: Web App Routing settings for the ingress profile.' properties: dnsZoneResourceIds: - description: |- - DnsZoneResourceIds: Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web - App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must - be in the same resource group and all private DNS zones must be in the same resource group. items: type: string type: array enabled: - description: 'Enabled: Whether to enable Web App Routing.' type: boolean identity: - description: |- - Identity: Managed identity of the Web Application Routing add-on. This is the identity that should be granted - permissions, for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See - [this overview of the add-on](https://learn.microsoft.com/en-us/azure/aks/web-app-routing?tabs=with-osm) for more - instructions. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' 
type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' type: string type: object type: object type: object kind: - description: 'Kind: This is primarily used to expose different UI experiences in the portal for different kinds' type: string kubernetesVersion: - description: |- - KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades - must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> - 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' properties: adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' properties: publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. properties: keyData: - description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. type: string type: object type: array type: object type: object location: - description: 'Location: The geo-location where the resource lives' type: string maxAgentPools: - description: 'MaxAgentPools: The max number of agent pools for the managed cluster.' type: integer metricsProfile: - description: 'MetricsProfile: Optional cluster metrics configuration.' 
properties: costAnalysis: - description: 'CostAnalysis: The cost analysis configuration for the cluster' properties: enabled: - description: |- - Enabled: The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable this feature. Enabling this will - add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the - default is false. For more information see aka.ms/aks/docs/cost-analysis. type: boolean type: object type: object name: - description: 'Name: The name of the resource' type: string networkProfile: - description: 'NetworkProfile: The network configuration profile.' properties: advancedNetworking: - description: |- - AdvancedNetworking: Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced - networking features may incur additional costs. For more information see aka.ms/aksadvancednetworking. properties: observability: - description: 'Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.' properties: enabled: - description: 'Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.' type: boolean type: object type: object dnsServiceIP: - description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. type: string ipFamilies: - description: |- - IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value - is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: - description: To determine if address belongs IPv4 or IPv6 family. type: string type: array kubeProxyConfig: - description: |- - KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy - defaulting behavior. 
See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ - where is represented by a - string. Kubernetes version 1.23 would be '1-23'. properties: enabled: - description: |- - Enabled: Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by - default without these customizations). type: boolean ipvsConfig: - description: 'IpvsConfig: Holds configuration customizations for IPVS. May only be specified if ''mode'' is set to ''IPVS''.' properties: scheduler: - description: 'Scheduler: IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.' type: string tcpFinTimeoutSeconds: - description: |- - TcpFinTimeoutSeconds: The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive - integer value. type: integer tcpTimeoutSeconds: - description: 'TcpTimeoutSeconds: The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.' type: integer udpTimeoutSeconds: - description: 'UdpTimeoutSeconds: The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.' type: integer type: object mode: - description: 'Mode: Specify which proxy mode to use (''IPTABLES'' or ''IPVS'')' type: string type: object loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. type: integer backendPoolType: - description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' 
type: string clusterServiceLoadBalancerHealthProbeMode: - description: 'ClusterServiceLoadBalancerHealthProbeMode: The health probing behavior for External Traffic Policy Cluster services.' type: string effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. type: integer countIPv6: - description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' properties: publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' 
type: string type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' properties: publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. type: string natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' properties: effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 4 minutes. type: integer managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. type: integer type: object type: object networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' type: string networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' 
type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' type: string networkPluginMode: - description: 'NetworkPluginMode: Network plugin mode used for building the Kubernetes network.' type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' type: string outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' type: string podCidrs: - description: |- - PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. items: type: string type: array podLinkLocalAccess: - description: |- - PodLinkLocalAccess: Defines access to special link local addresses (Azure Instance Metadata Service, aka IMDS) for pods - with hostNetwork=false. if not specified, the default is 'IMDS'. type: string serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. type: string serviceCidrs: - description: |- - ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array staticEgressGatewayProfile: - description: |- - StaticEgressGatewayProfile: The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, - see https://aka.ms/aks/static-egress-gateway. properties: enabled: - description: 'Enabled: Indicates if Static Egress Gateway addon is enabled or not.' 
type: boolean type: object type: object nodeProvisioningProfile: - description: 'NodeProvisioningProfile: Node provisioning settings that apply to the whole cluster.' properties: mode: - description: 'Mode: Once the mode it set to Auto, it cannot be changed back to Manual.' type: string type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string nodeResourceGroupProfile: - description: 'NodeResourceGroupProfile: The node resource group configuration profile.' properties: restrictionLevel: - description: 'RestrictionLevel: The restriction level applied to the cluster''s node resource group' type: string type: object oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' properties: enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean issuerURL: - description: 'IssuerURL: The OIDC issuer url of the Managed Cluster.' type: string type: object podIdentityProfile: - description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. 
properties: bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' type: string type: object name: - description: 'Name: The name of the pod identity.' type: string namespace: - description: 'Namespace: The namespace of the pod identity.' type: string provisioningInfo: properties: error: - description: 'Error: Pod identity assignment error (if any).' properties: error: - description: 'Error: Details about the error.' properties: code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' type: string details: - description: 'Details: A list of additional details about the error.' items: properties: code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' type: string message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' type: string target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' type: string type: object type: array message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' type: string target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' type: string type: object type: object type: object provisioningState: - description: 'ProvisioningState: The current provisioning state of the pod identity.' 
type: string type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: |- - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' type: object type: object type: array type: object powerState: - description: 'PowerState: The Power State of the cluster.' properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object privateFQDN: - description: 'PrivateFQDN: The FQDN of private cluster.' type: string privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: A private link resource properties: groupId: - description: 'GroupId: The group ID of the resource.' type: string id: - description: 'Id: The ID of the private link resource.' type: string name: - description: 'Name: The name of the private link resource.' type: string privateLinkServiceID: - description: 'PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.' type: string requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' type: string type: object type: array provisioningState: - description: 'ProvisioningState: The current provisioning state.' 
type: string publicNetworkAccess: - description: 'PublicNetworkAccess: Allow or deny public network access for AKS' type: string resourceUID: - description: |- - ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create - sequence) type: string safeguardsProfile: - description: 'SafeguardsProfile: The Safeguards profile holds all the safeguards information for a given cluster' properties: excludedNamespaces: - description: 'ExcludedNamespaces: List of namespaces excluded from Safeguards checks' items: type: string type: array level: - description: |- - Level: The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS - excludes via systemExcludedNamespaces type: string systemExcludedNamespaces: - description: 'SystemExcludedNamespaces: List of namespaces specified by AKS to be excluded from Safeguards' items: type: string type: array version: - description: 'Version: The version of constraints to use' type: string type: object securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. When Azure Key Vault key management service is disabled, leave the field empty. 
type: string keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the - key vault allows public access from all networks. `Private` means the key vault disables public access and enables - private link. The default value is `Public`. type: string keyVaultResourceId: - description: |- - KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must - be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. type: string type: object customCATrustCertificates: - description: |- - CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the - Custom CA Trust feature enabled. For more information see [Custom CA Trust - Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority) items: type: string type: array defender: - description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceId: - description: |- - LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. - When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft - Defender is disabled, leave the field empty. type: string securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' 
type: boolean intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' type: integer type: object imageIntegrity: - description: |- - ImageIntegrity: Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This - will not have any effect unless Azure Policy is applied to enforce image signatures. See - https://aka.ms/aks/image-integrity for how to use this feature via policy. properties: enabled: - description: 'Enabled: Whether to enable image integrity. The default value is false.' type: boolean type: object nodeRestriction: - description: |- - NodeRestriction: [Node - Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings - for the security profile. properties: enabled: - description: 'Enabled: Whether to enable Node Restriction' type: boolean type: object workloadIdentity: - description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: - description: 'Enabled: Whether to enable workload identity.' type: boolean type: object type: object serviceMeshProfile: - description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' properties: istio: - description: 'Istio: Istio service mesh configuration.' properties: certificateAuthority: - description: |- - CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin - certificates as described here https://aka.ms/asm-plugin-ca properties: plugin: - description: 'Plugin: Plugin certificates information for Service Mesh.' properties: certChainObjectName: - description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' 
type: string certObjectName: - description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' type: string keyObjectName: - description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' type: string keyVaultId: - description: 'KeyVaultId: The resource ID of the Key Vault.' type: string rootCertObjectName: - description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string type: object type: object components: - description: 'Components: Istio components configuration.' properties: egressGateways: - description: 'EgressGateways: Istio egress gateways.' items: - description: Istio egress gateway configuration. properties: enabled: - description: 'Enabled: Whether to enable the egress gateway.' type: boolean type: object type: array ingressGateways: - description: 'IngressGateways: Istio ingress gateways.' items: - description: |- - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: - description: 'Enabled: Whether to enable the ingress gateway.' type: boolean mode: - description: 'Mode: Mode of an ingress gateway.' type: string type: object type: array type: object revisions: - description: |- - Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. - When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: - https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string type: array type: object mode: - description: 'Mode: Mode of the service mesh.' type: string type: object servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. 
properties: clientId: - description: 'ClientId: The ID for the service principal.' type: string type: object sku: - description: 'Sku: The managed cluster SKU.' properties: name: - description: 'Name: The name of a managed cluster SKU.' type: string tier: - description: |- - Tier: If not specified, the default is 'Free'. See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. type: string type: object storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' properties: blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' type: boolean version: - description: 'Version: The version of AzureDisk CSI Driver. The default value is v1.' type: string type: object fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object supportPlan: - description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' type: string systemData: - description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' 
properties: createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' type: string createdBy: - description: 'CreatedBy: The identity that created the resource.' type: string createdByType: - description: 'CreatedByType: The type of identity that created the resource.' type: string lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' type: string lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' type: string lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' type: string type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object type: - description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading a cluster.' properties: overrideSettings: - description: 'OverrideSettings: Settings for overrides.' properties: forceUpgrade: - description: |- - ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade - protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: - description: |- - Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the - effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set - by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: adminUsername: - description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." 
- Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters type: string enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: - description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. type: string type: object workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' properties: keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable KEDA.' type: boolean type: object verticalPodAutoscaler: properties: addonAutoscaling: - description: 'AddonAutoscaling: Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.' 
type: string enabled: - description: 'Enabled: Whether to enable VPA add-on in cluster. Default value is false.' type: boolean type: object type: object 
@@ -24982,50 +16681,24 @@ spec: name: v1api20240402previewstorage schema: openAPIV3Schema: - description: |- - Storage version of v1api20240402preview.ManagedCluster - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20240402preview.ManagedCluster_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAADProfile - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -25046,16 +16719,10 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20240402preview.ManagedClusterAddonProfile - A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -25067,26 +16734,16 @@ spec: type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20240402preview.ManagedClusterAgentPoolProfile - Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object artifactStreamingProfile: - description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -25096,57 +16753,35 @@ spec: type: string type: array capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: type: integer creationData: - description: |- - Storage version of v1api20240402preview.CreationData - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object @@ -25163,16 +16798,10 @@ spec: enableUltraSSD: type: boolean gatewayProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolGatewayProfile - Profile of the managed cluster gateway agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixSize: type: integer 
@@ -25180,52 +16809,31 @@ spec: gpuInstanceProfile: type: string gpuProfile: - description: Storage version of v1api20240402preview.AgentPoolGPUProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object installGPUDriver: type: boolean type: object hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: |- - Storage version of v1api20240402preview.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -25255,30 +16863,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20240402preview.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20240402preview.SysctlConfig - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer 
@@ -25355,29 +16951,17 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolNetworkProfile - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20240402preview.PortRange - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -25389,38 +16973,24 @@ spec: type: array applicationSecurityGroupsReferences: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20240402preview.IPTag - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string 
@@ -25438,25 +17008,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: 
@@ -25476,61 +17036,36 @@ spec: podIPAllocationMode: type: string podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object powerState: - description: |- - Storage version of v1api20240402preview.PowerState - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: @@ -25540,16 +17075,10 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolSecurityProfile - The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean @@ -25567,16 +17096,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20240402preview.AgentPoolUpgradeSettings - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer 
@@ -25589,16 +17112,10 @@ spec: type: object virtualMachineNodesStatus: items: - description: |- - Storage version of v1api20240402preview.VirtualMachineNodes - Current status on a group of nodes of the same vm size. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -25607,41 +17124,23 @@ spec: type: object type: array virtualMachinesProfile: - description: |- - Storage version of v1api20240402preview.VirtualMachinesProfile - Specifications on VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object scale: - description: |- - Storage version of v1api20240402preview.ScaleProfile - Specifications on how to scale a VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object autoscale: items: - description: |- - Storage version of v1api20240402preview.AutoScaleProfile - Specifications on auto-scaling. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object maxCount: type: integer 
@@ -25655,16 +17154,10 @@ spec: type: array manual: items: - description: |- - Storage version of v1api20240402preview.ManualScaleProfile - Specifications on number of machines. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -25679,39 +17172,22 @@ spec: vmSize: type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object windowsProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolWindowsProfile - The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean 
@@ -25721,33 +17197,19 @@ spec: type: object type: array aiToolchainOperatorProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAIToolchainOperatorProfile - When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator - automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and - enables distributed inference against them. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object apiServerAccessProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAPIServerAccessProfile - Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -25767,14 +17229,10 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20240402preview.ManagedClusterProperties_AutoScalerProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string 
@@ -25818,16 +17276,10 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAutoUpgradeProfile - Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object nodeOSUpgradeChannel: type: string 
@@ -25835,61 +17287,31 @@ spec: type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfile - Prometheus addon profile for the container service cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object appMonitoring: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoring - Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces - through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object autoInstrumentation: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation - Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument - Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object openTelemetryLogs: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs - Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects - OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -25897,18 +17319,10 @@ spec: type: integer type: object openTelemetryMetrics: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics - Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects - OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -25917,17 +17331,10 @@ spec: type: object type: object containerInsights: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileContainerInsights - Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See - aka.ms/AzureMonitorContainerInsights for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableCustomMetrics: type: boolean 
@@ -25936,55 +17343,33 @@ spec: enabled: type: boolean logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing - Azure Monitor Container Insights Logs. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object syslogPort: type: integer type: object metrics: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileMetrics - Metrics profile for the prometheus service addon properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileKubeStateMetrics - Kube State Metrics for prometheus addon profile for the container service cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string 
@@ -25994,102 +17379,59 @@ spec: type: object type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string bootstrapProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterBootstrapProfile - The bootstrap profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object artifactSource: type: string containerRegistryReference: - description: |- - ContainerRegistryReference: The resource Id of Azure Container Registry. The registry must have private network access, - premium SKU and zone redundancy. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object creationData: - description: |- - Storage version of v1api20240402preview.CreationData - Data used when creating a target resource from a source resource. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object disableLocalAccounts: type: boolean diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object dnsPrefix: @@ -26101,16 +17443,10 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20240402preview.ExtendedLocation - The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -26120,16 +17456,10 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20240402preview.ManagedClusterHTTPProxyConfig - Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string 
@@ -26143,52 +17473,32 @@ spec: type: string type: object identity: - description: |- - Storage version of v1api20240402preview.ManagedClusterIdentity - Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object delegatedResources: additionalProperties: - description: |- - Storage version of v1api20240402preview.DelegatedResource - Delegated resource properties - internal use only. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object location: type: string referralResource: type: string resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object tenantId: 
@@ -26199,35 +17509,21 @@ spec: type: string userAssignedIdentities: items: - description: |- - Storage version of v1api20240402preview.UserAssignedIdentityDetails - Information about the user assigned identity for the resource properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -26235,31 +17531,18 @@ spec: type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20240402preview.UserAssignedIdentity - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string clientIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key 
@@ -26268,87 +17551,52 @@ spec: objectId: type: string objectIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: object ingressProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterIngressProfile - Ingress profile for the container service cluster. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object webAppRouting: - description: |- - Storage version of v1api20240402preview.ManagedClusterIngressProfileWebAppRouting - Web App Routing settings for the ingress profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsZoneResourceReferences: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array 
@@ -26361,43 +17609,25 @@ spec: kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20240402preview.ContainerServiceLinuxProfile - Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: |- - Storage version of v1api20240402preview.ContainerServiceSshConfiguration - SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: |- - Storage version of v1api20240402preview.ContainerServiceSshPublicKey - Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keyData: type: string 
@@ -26408,69 +17638,38 @@ spec: location: type: string metricsProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterMetricsProfile - The metrics profile for the ManagedCluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object costAnalysis: - description: |- - Storage version of v1api20240402preview.ManagedClusterCostAnalysis - The cost analysis configuration for the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object networkProfile: - description: |- - Storage version of v1api20240402preview.ContainerServiceNetworkProfile - Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object advancedNetworking: - description: |- - Storage version of v1api20240402preview.AdvancedNetworking - Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may - incur additional costs. For more information see aka.ms/aksadvancednetworking. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object observability: - description: |- - Storage version of v1api20240402preview.AdvancedNetworkingObservability - Observability profile to enable advanced network metrics and flow logs with historical contexts. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -26483,26 +17682,18 @@ spec: type: string type: array kubeProxyConfig: - description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean ipvsConfig: - description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object scheduler: type: string 
@@ -26517,16 +17708,10 @@ spec: type: string type: object loadBalancerProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile - Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer @@ -26536,35 +17721,21 @@ spec: type: string effectiveOutboundIPs: items: - description: |- - Storage version of v1api20240402preview.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -26574,14 +17745,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -26589,92 +17756,56 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20240402preview.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object type: array type: object outboundIPs: - description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPs properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: |- - Storage version of v1api20240402preview.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -26684,48 +17815,28 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterNATGatewayProfile - Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: |- - Storage version of v1api20240402preview.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -26733,16 +17844,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterManagedOutboundIPProfile - Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -26775,30 +17880,20 @@ spec: type: string type: array staticEgressGatewayProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterStaticEgressGatewayProfile - The Static Egress Gateway addon configuration for the cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object nodeProvisioningProfile: - description: Storage version of v1api20240402preview.ManagedClusterNodeProvisioningProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object mode: type: string 
@@ -26806,70 +17901,37 @@ spec: nodeResourceGroup: type: string nodeResourceGroupProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterNodeResourceGroupProfile - Node resource group lockdown profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object restrictionLevel: type: string type: object oidcIssuerProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterOIDCIssuerProfile - The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object operatorSpec: - description: |- - Storage version of v1api20240402preview.ManagedClusterOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. 
If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -26877,28 +17939,16 @@ spec: type: object type: array configMaps: - description: Storage version of v1api20240402preview.ManagedClusterOperatorConfigMaps properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object oidcIssuerProfile: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to: SecretDestination in secrets.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -26907,27 +17957,12 @@ spec: type: object secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -26935,46 +17970,26 @@ spec: type: object type: array secrets: - description: Storage version of v1api20240402preview.ManagedClusterOperatorSecrets properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to: ConfigMapDestination in configmaps.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key - name type: object userCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to: ConfigMapDestination in configmaps.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key 
@@ -26985,30 +18000,18 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentityProfile - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean 
@@ -27016,45 +18019,26 @@ spec: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentity - Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: |- - Storage version of v1api20240402preview.UserAssignedIdentity - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string clientIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key 
@@ -27063,40 +18047,25 @@ spec: objectId: type: string objectIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -27108,17 +18077,10 @@ spec: type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentityException - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -27133,39 +18095,25 @@ spec: type: object privateLinkResources: items: - description: |- - Storage version of v1api20240402preview.PrivateLinkResource - A private link resource properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupId: type: string name: type: string reference: - description: 'Reference: The ID of the private link resource.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requiredMembers: @@ -27179,16 +18127,10 @@ spec: publicNetworkAccess: type: string safeguardsProfile: - description: |- - Storage version of v1api20240402preview.SafeguardsProfile - The Safeguards profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object excludedNamespaces: items: 
@@ -27200,28 +18142,16 @@ spec: type: string type: object securityProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfile - Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: |- - Storage version of v1api20240402preview.AzureKeyVaultKms - Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -27230,25 +18160,15 @@ spec: keyVaultNetworkAccess: type: string keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -27257,68 +18177,38 @@ spec: type: string type: array defender: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefender - Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object securityMonitoring: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring - Microsoft Defender settings for the security profile threat detection. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageCleaner - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -27326,99 +18216,56 @@ spec: type: integer type: object imageIntegrity: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageIntegrity - Image integrity related settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object nodeRestriction: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileNodeRestriction - Node Restriction settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object workloadIdentity: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileWorkloadIdentity - Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object serviceMeshProfile: - description: |- - Storage version of v1api20240402preview.ServiceMeshProfile - Service mesh profile for a managed cluster. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object istio: - description: |- - Storage version of v1api20240402preview.IstioServiceMesh - Istio service mesh configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certificateAuthority: - description: |- - Storage version of v1api20240402preview.IstioCertificateAuthority - Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described - here https://aka.ms/asm-plugin-ca properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object plugin: - description: |- - Storage version of v1api20240402preview.IstioPluginCertificateAuthority - Plugin certificates information for Service Mesh. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certChainObjectName: type: string 
@@ -27427,23 +18274,15 @@ spec: keyObjectName: type: string keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object rootCertObjectName: @@ -27451,29 +18290,17 @@ spec: type: object type: object components: - description: |- - Storage version of v1api20240402preview.IstioComponents - Istio components configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object egressGateways: items: - description: |- - Storage version of v1api20240402preview.IstioEgressGateway - Istio egress gateway configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -27481,17 +18308,10 @@ spec: type: array ingressGateways: items: - description: |- - Storage version of v1api20240402preview.IstioIngressGateway - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -27509,31 +18329,18 @@ spec: type: string type: object servicePrincipalProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterServicePrincipalProfile - Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string secret: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key 
@@ -27541,16 +18348,10 @@ spec: type: object type: object sku: - description: |- - Storage version of v1api20240402preview.ManagedClusterSKU - The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -27558,43 +18359,25 @@ spec: type: string type: object storageProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfile - Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileBlobCSIDriver - AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileDiskCSIDriver - AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -27602,31 +18385,19 @@ spec: type: string type: object fileCSIDriver: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileFileCSIDriver - AzureFile CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileSnapshotController - Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -27639,28 +18410,16 @@ spec: type: string type: object upgradeSettings: - description: |- - Storage version of v1api20240402preview.ClusterUpgradeSettings - Settings for upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object overrideSettings: - description: |- - Storage version of v1api20240402preview.UpgradeOverrideSettings - Settings for overrides when upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object forceUpgrade: type: boolean 
@@ -27669,29 +18428,16 @@ spec: type: object type: object windowsProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterWindowsProfile - Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminPassword: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -27702,16 +18448,10 @@ spec: enableCSIProxy: type: boolean gmsaProfile: - description: |- - Storage version of v1api20240402preview.WindowsGmsaProfile - Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string 
@@ -27724,41 +18464,25 @@ spec: type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfile - Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keda: - description: |- - Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileKeda - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object verticalPodAutoscaler: - description: Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addonAutoscaling: type: string 
@@ -27770,28 +18494,16 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20240402preview.ManagedCluster_STATUS - Managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAADProfile_STATUS - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -27812,16 +18524,10 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20240402preview.ManagedClusterAddonProfile_STATUS - A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -27830,16 +18536,10 @@ spec: enabled: type: boolean identity: - description: |- - Storage version of v1api20240402preview.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string 
@@ -27852,26 +18552,16 @@ spec: type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20240402preview.ManagedClusterAgentPoolProfile_STATUS - Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object artifactStreamingProfile: - description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -27885,16 +18575,10 @@ spec: count: type: integer creationData: - description: |- - Storage version of v1api20240402preview.CreationData_STATUS - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -27916,16 +18600,10 @@ spec: enableUltraSSD: type: boolean gatewayProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolGatewayProfile_STATUS - Profile of the managed cluster gateway agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixSize: type: integer 
@@ -27933,14 +18611,10 @@ spec: gpuInstanceProfile: type: string gpuProfile: - description: Storage version of v1api20240402preview.AgentPoolGPUProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object installGPUDriver: type: boolean @@ -27948,16 +18622,10 @@ spec: hostGroupID: type: string kubeletConfig: - description: |- - Storage version of v1api20240402preview.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: 
@@ -27987,30 +18655,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20240402preview.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20240402preview.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -28087,29 +18743,17 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolNetworkProfile_STATUS - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20240402preview.PortRange_STATUS - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -28125,16 +18769,10 @@ spec: type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20240402preview.IPTag_STATUS - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -28174,16 +18812,10 @@ spec: podSubnetID: type: string powerState: - description: |- - Storage version of v1api20240402preview.PowerState_STATUS - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -28199,16 +18831,10 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolSecurityProfile_STATUS - The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean @@ -28226,16 +18852,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20240402preview.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer 
@@ -28248,16 +18868,10 @@ spec: type: object virtualMachineNodesStatus: items: - description: |- - Storage version of v1api20240402preview.VirtualMachineNodes_STATUS - Current status on a group of nodes of the same vm size. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -28266,41 +18880,23 @@ spec: type: object type: array virtualMachinesProfile: - description: |- - Storage version of v1api20240402preview.VirtualMachinesProfile_STATUS - Specifications on VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object scale: - description: |- - Storage version of v1api20240402preview.ScaleProfile_STATUS - Specifications on how to scale a VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object autoscale: items: - description: |- - Storage version of v1api20240402preview.AutoScaleProfile_STATUS - Specifications on auto-scaling. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object maxCount: type: integer 
@@ -28314,16 +18910,10 @@ spec: type: array manual: items: - description: |- - Storage version of v1api20240402preview.ManualScaleProfile_STATUS - Specifications on number of machines. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -28340,16 +18930,10 @@ spec: vnetSubnetID: type: string windowsProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolWindowsProfile_STATUS - The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean 
@@ -28359,33 +18943,19 @@ spec: type: object type: array aiToolchainOperatorProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAIToolchainOperatorProfile_STATUS - When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator - automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and - enables distributed inference against them. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object apiServerAccessProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAPIServerAccessProfile_STATUS - Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -28405,14 +18975,10 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20240402preview.ManagedClusterProperties_AutoScalerProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string 
@@ -28456,16 +19022,10 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAutoUpgradeProfile_STATUS - Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object nodeOSUpgradeChannel: type: string 
@@ -28473,61 +19033,31 @@ spec: type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfile_STATUS - Prometheus addon profile for the container service cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object appMonitoring: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoring_STATUS - Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces - through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object autoInstrumentation: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation_STATUS - Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument - Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object openTelemetryLogs: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs_STATUS - Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects - OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -28535,18 +19065,10 @@ spec: type: integer type: object openTelemetryMetrics: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics_STATUS - Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects - OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See - aka.ms/AzureMonitorApplicationMonitoring for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -28555,17 +19077,10 @@ spec: type: object type: object containerInsights: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileContainerInsights_STATUS - Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See - aka.ms/AzureMonitorContainerInsights for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableCustomMetrics: type: boolean @@ -28579,30 +19094,18 @@ spec: type: integer type: object metrics: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileMetrics_STATUS - Metrics profile for the prometheus service addon properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: |- - Storage version of v1api20240402preview.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS - Kube State Metrics for prometheus addon profile for the container service cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string 
@@ -28614,16 +19117,10 @@ spec: azurePortalFQDN: type: string bootstrapProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterBootstrapProfile_STATUS - The bootstrap profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object artifactSource: type: string 
@@ -28632,39 +19129,22 @@ spec: type: object conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -28674,16 +19154,10 @@ spec: type: object type: array creationData: - description: |- - Storage version of v1api20240402preview.CreationData_STATUS - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -28705,16 +19179,10 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20240402preview.ExtendedLocation_STATUS - The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -28726,16 +19194,10 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20240402preview.ManagedClusterHTTPProxyConfig_STATUS - Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object effectiveNoProxy: items: 
@@ -28755,29 +19217,17 @@ spec: id: type: string identity: - description: |- - Storage version of v1api20240402preview.ManagedClusterIdentity_STATUS - Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object delegatedResources: additionalProperties: - description: |- - Storage version of v1api20240402preview.DelegatedResource_STATUS - Delegated resource properties - internal use only. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object location: type: string @@ -28797,14 +19247,10 @@ spec: type: string userAssignedIdentities: additionalProperties: - description: Storage version of v1api20240402preview.ManagedClusterIdentity_UserAssignedIdentities_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -28815,16 +19261,10 @@ spec: type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20240402preview.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string 
@@ -28835,28 +19275,16 @@ spec: type: object type: object ingressProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterIngressProfile_STATUS - Ingress profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object webAppRouting: - description: |- - Storage version of v1api20240402preview.ManagedClusterIngressProfileWebAppRouting_STATUS - Web App Routing settings for the ingress profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsZoneResourceIds: items: @@ -28865,16 +19293,10 @@ spec: enabled: type: boolean identity: - description: |- - Storage version of v1api20240402preview.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string 
@@ -28890,43 +19312,25 @@ spec: kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20240402preview.ContainerServiceLinuxProfile_STATUS - Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: |- - Storage version of v1api20240402preview.ContainerServiceSshConfiguration_STATUS - SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: |- - Storage version of v1api20240402preview.ContainerServiceSshPublicKey_STATUS - Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keyData: type: string 
@@ -28939,28 +19343,16 @@ spec: maxAgentPools: type: integer metricsProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterMetricsProfile_STATUS - The metrics profile for the ManagedCluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object costAnalysis: - description: |- - Storage version of v1api20240402preview.ManagedClusterCostAnalysis_STATUS - The cost analysis configuration for the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -28969,41 +19361,22 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20240402preview.ContainerServiceNetworkProfile_STATUS - Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object advancedNetworking: - description: |- - Storage version of v1api20240402preview.AdvancedNetworking_STATUS - Advanced Networking profile for enabling observability on a cluster. Note that enabling advanced networking features may - incur additional costs. For more information see aka.ms/aksadvancednetworking. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object observability: - description: |- - Storage version of v1api20240402preview.AdvancedNetworkingObservability_STATUS - Observability profile to enable advanced network metrics and flow logs with historical contexts. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -29016,26 +19389,18 @@ spec: type: string type: array kubeProxyConfig: - description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean ipvsConfig: - description: Storage version of v1api20240402preview.ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object scheduler: type: string @@ -29050,16 +19415,10 @@ spec: type: string type: object loadBalancerProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_STATUS - Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer @@ -29069,16 +19428,10 @@ spec: type: string effectiveOutboundIPs: items: - description: |- - Storage version of v1api20240402preview.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -29089,14 +19442,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -29104,27 +19453,17 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20240402preview.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -29132,27 +19471,17 @@ spec: type: array type: object outboundIPs: - description: Storage version of v1api20240402preview.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: |- - Storage version of v1api20240402preview.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -29163,29 +19492,17 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterNATGatewayProfile_STATUS - Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: |- - Storage version of v1api20240402preview.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -29194,16 +19511,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterManagedOutboundIPProfile_STATUS - Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -29236,30 +19547,20 @@ spec: type: string type: array staticEgressGatewayProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterStaticEgressGatewayProfile_STATUS - The Static Egress Gateway addon configuration for the cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object nodeProvisioningProfile: - description: Storage version of v1api20240402preview.ManagedClusterNodeProvisioningProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object mode: type: string 
@@ -29267,31 +19568,19 @@ spec: nodeResourceGroup: type: string nodeResourceGroupProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterNodeResourceGroupProfile_STATUS - Node resource group lockdown profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object restrictionLevel: type: string type: object oidcIssuerProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterOIDCIssuerProfile_STATUS - The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -29299,17 +19588,10 @@ spec: type: string type: object podIdentityProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentityProfile_STATUS - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean 
@@ -29317,30 +19599,18 @@ spec: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentity_STATUS - Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: |- - Storage version of v1api20240402preview.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string 
@@ -29354,51 +19624,31 @@ spec: namespace: type: string provisioningInfo: - description: Storage version of v1api20240402preview.ManagedClusterPodIdentity_ProvisioningInfo_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object error: - description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentityProvisioningError_STATUS - An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object error: - description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS - An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string details: items: - description: Storage version of v1api20240402preview.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string 
@@ -29421,17 +19671,10 @@ spec: type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20240402preview.ManagedClusterPodIdentityException_STATUS - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -29445,16 +19688,10 @@ spec: type: array type: object powerState: - description: |- - Storage version of v1api20240402preview.PowerState_STATUS - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -29463,16 +19700,10 @@ spec: type: string privateLinkResources: items: - description: |- - Storage version of v1api20240402preview.PrivateLinkResource_STATUS - A private link resource properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupId: type: string 
@@ -29497,16 +19728,10 @@ spec: resourceUID: type: string safeguardsProfile: - description: |- - Storage version of v1api20240402preview.SafeguardsProfile_STATUS - The Safeguards profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object excludedNamespaces: items: @@ -29522,28 +19747,16 @@ spec: type: string type: object securityProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfile_STATUS - Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: |- - Storage version of v1api20240402preview.AzureKeyVaultKms_STATUS - Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -29559,47 +19772,28 @@ spec: type: string type: array defender: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefender_STATUS - Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceId: type: string securityMonitoring: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS - Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageCleaner_STATUS - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -29607,99 +19801,56 @@ spec: type: integer type: object imageIntegrity: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileImageIntegrity_STATUS - Image integrity related settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object nodeRestriction: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileNodeRestriction_STATUS - Node Restriction settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object workloadIdentity: - description: |- - Storage version of v1api20240402preview.ManagedClusterSecurityProfileWorkloadIdentity_STATUS - Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object serviceMeshProfile: - description: |- - Storage version of v1api20240402preview.ServiceMeshProfile_STATUS - Service mesh profile for a managed cluster. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object istio: - description: |- - Storage version of v1api20240402preview.IstioServiceMesh_STATUS - Istio service mesh configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certificateAuthority: - description: |- - Storage version of v1api20240402preview.IstioCertificateAuthority_STATUS - Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described - here https://aka.ms/asm-plugin-ca properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object plugin: - description: |- - Storage version of v1api20240402preview.IstioPluginCertificateAuthority_STATUS - Plugin certificates information for Service Mesh. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certChainObjectName: type: string 
@@ -29714,29 +19865,17 @@ spec: type: object type: object components: - description: |- - Storage version of v1api20240402preview.IstioComponents_STATUS - Istio components configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object egressGateways: items: - description: |- - Storage version of v1api20240402preview.IstioEgressGateway_STATUS - Istio egress gateway configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -29744,17 +19883,10 @@ spec: type: array ingressGateways: items: - description: |- - Storage version of v1api20240402preview.IstioIngressGateway_STATUS - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -29772,31 +19904,19 @@ spec: type: string type: object servicePrincipalProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterServicePrincipalProfile_STATUS - Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string type: object sku: - description: |- - Storage version of v1api20240402preview.ManagedClusterSKU_STATUS - The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -29804,43 +19924,25 @@ spec: type: string type: object storageProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfile_STATUS - Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileBlobCSIDriver_STATUS - AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileDiskCSIDriver_STATUS - AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -29848,31 +19950,19 @@ spec: type: string type: object fileCSIDriver: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileFileCSIDriver_STATUS - AzureFile CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: |- - Storage version of v1api20240402preview.ManagedClusterStorageProfileSnapshotController_STATUS - Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -29881,16 +19971,10 @@ spec: supportPlan: type: string systemData: - description: |- - Storage version of v1api20240402preview.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object createdAt: type: string 
@@ -29912,28 +19996,16 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20240402preview.ClusterUpgradeSettings_STATUS - Settings for upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object overrideSettings: - description: |- - Storage version of v1api20240402preview.UpgradeOverrideSettings_STATUS - Settings for overrides when upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object forceUpgrade: type: boolean @@ -29942,32 +20014,20 @@ spec: type: object type: object windowsProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterWindowsProfile_STATUS - Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: |- - Storage version of v1api20240402preview.WindowsGmsaProfile_STATUS - Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string 
@@ -29980,41 +20040,25 @@ spec: type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfile_STATUS - Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keda: - description: |- - Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object verticalPodAutoscaler: - description: Storage version of v1api20240402preview.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addonAutoscaling: type: string 
@@ -30044,166 +20088,94 @@ spec: name: v1api20240901 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' properties: adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. 
Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. properties: config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean required: - enabled type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' items: - description: Profile for the container service agent pool. properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. 
For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' enum: - MIG1g - MIG2g 
@@ -30212,244 +20184,152 @@ spec: - MIG7g type: string hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' 
Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. enum: - OS - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' 
type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' 
type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' maximum: 90 minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' maximum: 524288 minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' maximum: 2097152 minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). 
type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - System - User type: string name: - description: 'Name: Windows agent pool names must be 6 characters or less.' pattern: ^[a-z][a-z0-9]{0,11}$ type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. maximum: 65535 minimum: 1 type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. maximum: 65535 minimum: 1 type: integer protocol: - description: 'Protocol: The network protocol of the port.' enum: - TCP - UDP 
@@ -30457,40 +20337,25 @@ spec: type: object type: array applicationSecurityGroupsReferences: - description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array 
@@ -30498,63 +20363,35 @@ spec: nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. 
The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. enum: - AzureLinux - CBLMariner 
@@ -30563,184 +20400,108 @@ spec: - Windows2022 type: string osType: - description: 'OsType: The operating system type. The default is Linux.' enum: - Linux - Windows type: string podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' enum: - Running - Stopped type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' enum: - Deallocate - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. enum: - Deallocate - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' enum: - Regular - Spot type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. 
If not specified, the default is false. type: boolean type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' enum: - AvailabilitySet - VirtualMachineScaleSets type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. maximum: 1440 minimum: 1 type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. maximum: 30 minimum: 0 type: integer type: object vmSize: - description: |- - VmSize: VM size availability varies by region. 
If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: |- - DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' enum: - OCIContainer - WasmWasi 
@@ -30750,57 +20511,29 @@ spec: type: object type: array apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The default is System. For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' properties: balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string daemonset-eviction-for-empty-nodes: - description: |- - DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the - node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be - deleted without ensuring that daemonset pods are deleted or evicted. 
type: boolean daemonset-eviction-for-occupied-nodes: - description: |- - DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion - of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node - will be deleted without ensuring that daemonset pods are deleted or evicted. type: boolean expander: - description: |- - Expander: If not specified, the default is 'random'. See - [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more - information. enum: - least-waste - most-pods 
@@ -30808,76 +20541,41 @@ spec: - random type: string ignore-daemonsets-utilization: - description: |- - IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making - scaling down decisions. type: boolean max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' type: string max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. The default is 3.' type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. 
type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' type: string skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: nodeOSUpgradeChannel: - description: 'NodeOSUpgradeChannel: Manner in which the OS on your nodes is updated. The default is NodeImage.' enum: - NodeImage - None @@ -30885,9 +20583,6 @@ spec: - Unmanaged type: string upgradeChannel: - description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). enum: - node-image - none 
@@ -30897,36 +20592,16 @@ spec: type: string type: object azureMonitorProfile: - description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' properties: metrics: - description: |- - Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: enabled: - description: |- - Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See - aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. type: boolean kubeStateMetrics: - description: |- - KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: metricAnnotationsAllowList: - description: |- - MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's - labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric - contains only resource name and namespace labels. type: string metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only - resource name and namespace labels. type: string type: object required: 
@@ -30934,162 +20609,99 @@ spec: type: object type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. maxLength: 63 minLength: 1 pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' 
type: string enablePodSecurityPolicy: - description: |- - EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was - deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and - https://aka.ms/aks/psp. type: boolean enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' enum: - EdgeZone type: string type: object fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object identity: - description: 'Identity: The identity of the managed cluster, if configured.' properties: delegatedResources: additionalProperties: - description: Delegated resource properties - internal use only. properties: location: - description: 'Location: The source resource location - internal use only.' type: string referralResource: - description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' 
type: string resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object tenantId: - description: 'TenantId: The tenant id of the delegated resource - internal use only.' pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ type: string type: object - description: |- - DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another - Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object type: - description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). enum: - None - SystemAssigned - UserAssigned type: string userAssignedIdentities: - description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. 
items: - description: Information about the user assigned identity for the resource properties: reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -31097,138 +20709,80 @@ spec: type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string clientIdFromConfig: - description: 'ClientIdFromConfig: The client ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string objectIdFromConfig: - description: 'ObjectIdFromConfig: The object ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object - description: |- - IdentityProfile: The user identity associated with the managed cluster. This identity will be used by the kubelet. Only - one user assigned identity is allowed. The only accepted key is "kubeletidentity", with value of "resourceId": - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}". type: object ingressProfile: - description: 'IngressProfile: Ingress profile for the managed cluster.' properties: webAppRouting: - description: |- - WebAppRouting: App Routing settings for the ingress profile. You can find an overview and onboarding guide for this - feature at https://learn.microsoft.com/en-us/azure/aks/app-routing?tabs=default%2Cdeploy-app-default. properties: dnsZoneResourceReferences: - description: |- - DnsZoneResourceReferences: Resource IDs of the DNS zones to be associated with the Application Routing add-on. Used only - when Application Routing add-on is enabled. Public and private DNS zones can be in different resource groups, but all - public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group. items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array enabled: - description: 'Enabled: Whether to enable the Application Routing add-on.' type: boolean type: object type: object kubernetesVersion: - description: |- - KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All - upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or - 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' properties: adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' pattern: ^[A-Za-z][-A-Za-z0-9_]*$ type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' properties: publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. 
properties: keyData: - description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. type: string required: - keyData 
@@ -31242,63 +20796,36 @@ spec: - ssh type: object location: - description: 'Location: The geo-location where the resource lives' type: string metricsProfile: - description: 'MetricsProfile: Optional cluster metrics configuration.' properties: costAnalysis: - description: 'CostAnalysis: The cost analysis configuration for the cluster' properties: enabled: - description: |- - Enabled: The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable this feature. Enabling this will - add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the - default is false. For more information see aka.ms/aks/docs/cost-analysis. type: boolean type: object type: object networkProfile: - description: 'NetworkProfile: The network configuration profile.' properties: advancedNetworking: - description: |- - AdvancedNetworking: Advanced Networking profile for enabling observability and security feature suite on a cluster. For - more information see aka.ms/aksadvancednetworking. properties: enabled: - description: |- - Enabled: Indicates the enablement of Advanced Networking functionalities of observability and security on AKS clusters. - When this is set to true, all observability and security features will be set to enabled unless explicitly disabled. If - not specified, the default is false. type: boolean observability: - description: 'Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.' properties: enabled: - description: 'Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.' type: boolean type: object security: - description: 'Security: Security profile to enable security features on cilium based cluster.' properties: enabled: - description: |- - Enabled: This feature allows user to configure network policy based on DNS (FQDN) names. It can be enabled only on - cilium based clusters. 
If not specified, the default is false. type: boolean type: object type: object dnsServiceIP: - description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string ipFamilies: - description: |- - IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value - is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: enum: - IPv4 
@@ -31306,133 +20833,85 @@ spec: type: string type: array loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. maximum: 64000 minimum: 0 type: integer backendPoolType: - description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' enum: - NodeIP - NodeIPConfiguration type: string effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' 
type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. maximum: 120 minimum: 4 type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. maximum: 100 minimum: 1 type: integer countIPv6: - description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. maximum: 100 minimum: 0 type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' properties: publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. 
type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' properties: publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -31440,89 +20919,62 @@ spec: type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. enum: - basic - standard type: string natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' properties: effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 4 minutes. maximum: 120 minimum: 4 type: integer managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' 
properties: count: - description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. maximum: 16 minimum: 1 type: integer type: object type: object networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' enum: - azure - cilium type: string networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' enum: - bridge - transparent type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' enum: - azure - kubenet - none type: string networkPluginMode: - description: 'NetworkPluginMode: The mode the network plugin should use.' enum: - overlay type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' enum: - azure - calico @@ -31530,9 +20982,6 @@ spec: - none type: string outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). enum: - loadBalancer - managedNATGateway 
@@ -31540,81 +20989,45 @@ spec: - userDefinedRouting type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: - description: |- - PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. items: type: string type: array serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: - description: |- - ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string nodeResourceGroupProfile: - description: 'NodeResourceGroupProfile: Profile of the node resource group configuration.' properties: restrictionLevel: - description: |- - RestrictionLevel: The restriction level applied to the cluster's node resource group. If not specified, the default is - 'Unrestricted' enum: - ReadOnly - Unrestricted type: string type: object oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' properties: enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean type: object operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. 
This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -31622,20 +21035,12 @@ spec: type: object type: array configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' properties: oidcIssuerProfile: - description: |- - OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be - created. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -31643,29 +21048,13 @@ spec: type: object type: object secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -31673,37 +21062,22 @@ spec: type: object type: array secrets: - description: 'Secrets: configures where to place Azure generated secrets.' properties: adminCredentials: - description: |- - AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key - name type: object userCredentials: - description: |- - UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key 
@@ -31712,106 +21086,66 @@ spec: type: object type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: - description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. properties: bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' 
type: string clientIdFromConfig: - description: 'ClientIdFromConfig: The client ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string objectIdFromConfig: - description: 'ObjectIdFromConfig: The object ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object name: - description: 'Name: The name of the pod identity.' 
type: string namespace: - description: 'Namespace: The namespace of the pod identity.' type: string required: - identity @@ -31820,22 +21154,15 @@ spec: type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: |- - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' type: object required: - name 
@@ -31845,231 +21172,143 @@ spec: type: array type: object privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: A private link resource properties: groupId: - description: 'GroupId: The group ID of the resource.' type: string name: - description: 'Name: The name of the private link resource.' type: string reference: - description: 'Reference: The ID of the private link resource.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' type: string type: object type: array publicNetworkAccess: - description: 'PublicNetworkAccess: Allow or deny public network access for AKS' enum: - Disabled - Enabled type: string securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. 
properties: enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the - key vault allows public access from all networks. `Private` means the key vault disables public access and enables - private link. The default value is `Public`. enum: - Private - Public type: string keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object defender: - description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' type: boolean intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' 
type: integer type: object workloadIdentity: - description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: - description: 'Enabled: Whether to enable workload identity.' type: boolean type: object type: object serviceMeshProfile: - description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' properties: istio: - description: 'Istio: Istio service mesh configuration.' properties: certificateAuthority: - description: |- - CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin - certificates as described here https://aka.ms/asm-plugin-ca properties: plugin: - description: 'Plugin: Plugin certificates information for Service Mesh.' properties: certChainObjectName: - description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' type: string certObjectName: - description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' type: string keyObjectName: - description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' type: string keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object rootCertObjectName: - description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string type: object type: object components: - description: 'Components: Istio components configuration.' properties: egressGateways: - description: 'EgressGateways: Istio egress gateways.' items: - description: Istio egress gateway configuration. properties: enabled: - description: 'Enabled: Whether to enable the egress gateway.' type: boolean required: - enabled type: object type: array ingressGateways: - description: 'IngressGateways: Istio ingress gateways.' items: - description: |- - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: - description: 'Enabled: Whether to enable the ingress gateway.' type: boolean mode: - description: 'Mode: Mode of an ingress gateway.' enum: - External - Internal @@ -32081,17 +21320,12 @@ spec: type: array type: object revisions: - description: |- - Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. - When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: - https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string maxItems: 2 type: array type: object mode: - description: 'Mode: Mode of the service mesh.' enum: - Disabled - Istio 
@@ -32100,23 +21334,14 @@ spec: - mode type: object servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. properties: clientId: - description: 'ClientId: The ID for the service principal.' type: string secret: - description: 'Secret: The secret password associated with the service principal in plain text.' properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -32126,17 +21351,12 @@ spec: - clientId type: object sku: - description: 'Sku: The managed cluster SKU.' properties: name: - description: 'Name: The name of a managed cluster SKU.' enum: - Base type: string tier: - description: |- - Tier: If not specified, the default is 'Free'. See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. enum: - Free - Premium 
@@ -32144,39 +21364,29 @@ spec: type: string type: object storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' properties: blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' type: boolean type: object fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object supportPlan: - description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' enum: - AKSLongTermSupport - KubernetesOfficial 
@@ -32184,91 +21394,43 @@ spec: tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading a cluster.' properties: overrideSettings: - description: 'OverrideSettings: Settings for overrides.' properties: forceUpgrade: - description: |- - ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade - protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: - description: |- - Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the - effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set - by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: adminPassword: - description: |- - AdminPassword: Specifies the password of the administrator account. - Minimum-length: 8 characters - Max-length: 123 characters - Complexity requirements: 3 out of 4 conditions below need to be fulfilled - Has lower characters - Has upper characters - Has a digit - Has a special character (Regex match [\W_]) - Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", - "Password22", "iloveyou!" properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key - name type: object adminUsername: - description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." 
- Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters type: string enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: - description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. enum: - None - Windows_Server 
@@ -32277,22 +21439,17 @@ spec: - adminUsername type: object workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' properties: keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable KEDA.' type: boolean required: - enabled type: object verticalPodAutoscaler: - description: 'VerticalPodAutoscaler: VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable VPA. Default value is false.' type: boolean required: - enabled 
@@ -32303,722 +21460,390 @@ spec: - owner type: object status: - description: Managed cluster. properties: aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' properties: adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. properties: config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean identity: - description: 'Identity: Information of user assigned identity used by this add-on.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' 
type: string type: object type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' items: - description: Profile for the container service agent pool. properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be - exactly equal to it. If orchestratorVersion is , this field will contain the full - version being used. type: string eTag: - description: |- - ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is - updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic - concurrency per the normal etag convention. 
type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string hostGroupID: - description: |- - HostGroupID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' 
items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. 
type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' 
type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. 
For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: - description: 'Name: Windows agent pool names must be 6 characters or less.' type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. type: integer protocol: - description: 'Protocol: The network protocol of the port.' 
type: string type: object type: array applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' items: type: string type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object nodeImageVersion: - description: 'NodeImageVersion: The version of node image' type: string nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. 
The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: - description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' type: string proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' 
type: string scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. 
- This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. type: integer type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: |- - DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. 
type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: array apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: |- - AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with - clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API - server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: For more details, see [Creating a private AKS - cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The default is System. For more details see [configure private DNS - zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and - 'none'. type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' properties: balance-similar-node-groups: - description: 'BalanceSimilarNodeGroups: Valid values are ''true'' and ''false''' type: string daemonset-eviction-for-empty-nodes: - description: |- - DaemonsetEvictionForEmptyNodes: If set to true, all daemonset pods on empty nodes will be evicted before deletion of the - node. If the daemonset pod cannot be evicted another node will be chosen for scaling. 
If set to false, the node will be - deleted without ensuring that daemonset pods are deleted or evicted. type: boolean daemonset-eviction-for-occupied-nodes: - description: |- - DaemonsetEvictionForOccupiedNodes: If set to true, all daemonset pods on occupied nodes will be evicted before deletion - of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node - will be deleted without ensuring that daemonset pods are deleted or evicted. type: boolean expander: - description: |- - Expander: If not specified, the default is 'random'. See - [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more - information. type: string ignore-daemonsets-utilization: - description: |- - IgnoreDaemonsetsUtilization: If set to true, the resources used by daemonset will be taken into account when making - scaling down decisions. type: boolean max-empty-bulk-delete: - description: 'MaxEmptyBulkDelete: The default is 10.' type: string max-graceful-termination-sec: - description: 'MaxGracefulTerminationSec: The default is 600.' type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string max-total-unready-percentage: - description: 'MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.' type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler - could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is - '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: 'OkTotalUnreadyCount: This must be an integer. 
The default is 3.' type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of - time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other - than minutes (m) is supported. type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than - minutes (m) is supported. type: string scale-down-utilization-threshold: - description: 'ScaleDownUtilizationThreshold: The default is ''0.5''.' type: string scan-interval: - description: 'ScanInterval: The default is ''10''. Values must be an integer number of seconds.' type: string skip-nodes-with-local-storage: - description: 'SkipNodesWithLocalStorage: The default is true.' type: string skip-nodes-with-system-pods: - description: 'SkipNodesWithSystemPods: The default is true.' type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: nodeOSUpgradeChannel: - description: 'NodeOSUpgradeChannel: Manner in which the OS on your nodes is updated. The default is NodeImage.' 
type: string upgradeChannel: - description: |- - UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade - channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). type: string type: object azureMonitorProfile: - description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' properties: metrics: - description: |- - Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: enabled: - description: |- - Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See - aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. type: boolean kubeStateMetrics: - description: |- - KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: metricAnnotationsAllowList: - description: |- - MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's - labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric - contains only resource name and namespace labels. type: string metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only - resource name and namespace labels. 
type: string type: object type: object type: object azurePortalFQDN: - description: |- - AzurePortalFQDN: The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some - responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure - Portal to function properly. type: string conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. 
type: string required: - lastTransitionTime 
@@ -33028,907 +21853,544 @@ spec: type: object type: array currentKubernetesVersion: - description: |- - CurrentKubernetesVersion: If kubernetesVersion was a fully specified version , this field will be - exactly equal to it. If kubernetesVersion was , this field will contain the full - version being used. type: string disableLocalAccounts: - description: |- - DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be - used on Managed Clusters that are AAD enabled. For more details see [disable local - accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetID: - description: |- - DiskEncryptionSetID: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' type: string dnsPrefix: - description: 'DnsPrefix: This cannot be updated once the Managed Cluster has been created.' type: string eTag: - description: |- - ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is - updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic - concurrency per the normal etag convention. type: string enablePodSecurityPolicy: - description: |- - EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was - deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and - https://aka.ms/aks/psp. type: boolean enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' properties: name: - description: 'Name: The name of the extended location.' 
type: string type: - description: 'Type: The type of the extended location.' type: string type: object fqdn: - description: 'Fqdn: The FQDN of the master pool.' type: string fqdnSubdomain: - description: 'FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.' type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object id: - description: |- - Id: Fully qualified resource ID for the resource. E.g. - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" type: string identity: - description: 'Identity: The identity of the managed cluster, if configured.' properties: delegatedResources: additionalProperties: - description: Delegated resource properties - internal use only. properties: location: - description: 'Location: The source resource location - internal use only.' type: string referralResource: - description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' type: string resourceId: - description: 'ResourceId: The ARM resource id of the delegated resource - internal use only.' type: string tenantId: - description: 'TenantId: The tenant id of the delegated resource - internal use only.' type: string type: object - description: |- - DelegatedResources: The delegated identity resources assigned to this managed cluster. 
This can only be set by another - Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object principalId: - description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' type: string tenantId: - description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' type: string type: - description: |- - Type: For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). type: string userAssignedIdentities: additionalProperties: properties: clientId: - description: 'ClientId: The client id of user assigned identity.' type: string principalId: - description: 'PrincipalId: The principal id of user assigned identity.' type: string type: object - description: |- - UserAssignedIdentities: The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. type: object type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' type: string type: object - description: |- - IdentityProfile: The user identity associated with the managed cluster. This identity will be used by the kubelet. Only - one user assigned identity is allowed. The only accepted key is "kubeletidentity", with value of "resourceId": - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}". 
type: object ingressProfile: - description: 'IngressProfile: Ingress profile for the managed cluster.' properties: webAppRouting: - description: |- - WebAppRouting: App Routing settings for the ingress profile. You can find an overview and onboarding guide for this - feature at https://learn.microsoft.com/en-us/azure/aks/app-routing?tabs=default%2Cdeploy-app-default. properties: dnsZoneResourceIds: - description: |- - DnsZoneResourceIds: Resource IDs of the DNS zones to be associated with the Application Routing add-on. Used only when - Application Routing add-on is enabled. Public and private DNS zones can be in different resource groups, but all public - DNS zones must be in the same resource group and all private DNS zones must be in the same resource group. items: type: string type: array enabled: - description: 'Enabled: Whether to enable the Application Routing add-on.' type: boolean identity: - description: |- - Identity: Managed identity of the Application Routing add-on. This is the identity that should be granted permissions, - for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See [this overview - of the add-on](https://learn.microsoft.com/en-us/azure/aks/web-app-routing?tabs=with-osm) for more instructions. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' type: string type: object type: object type: object kubernetesVersion: - description: |- - KubernetesVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. 
When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All - upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or - 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS - cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' properties: adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' properties: publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. properties: keyData: - description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. type: string type: object type: array type: object type: object location: - description: 'Location: The geo-location where the resource lives' type: string maxAgentPools: - description: 'MaxAgentPools: The max number of agent pools for the managed cluster.' type: integer metricsProfile: - description: 'MetricsProfile: Optional cluster metrics configuration.' properties: costAnalysis: - description: 'CostAnalysis: The cost analysis configuration for the cluster' properties: enabled: - description: |- - Enabled: The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable this feature. Enabling this will - add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the - default is false. For more information see aka.ms/aks/docs/cost-analysis. 
type: boolean type: object type: object name: - description: 'Name: The name of the resource' type: string networkProfile: - description: 'NetworkProfile: The network configuration profile.' properties: advancedNetworking: - description: |- - AdvancedNetworking: Advanced Networking profile for enabling observability and security feature suite on a cluster. For - more information see aka.ms/aksadvancednetworking. properties: enabled: - description: |- - Enabled: Indicates the enablement of Advanced Networking functionalities of observability and security on AKS clusters. - When this is set to true, all observability and security features will be set to enabled unless explicitly disabled. If - not specified, the default is false. type: boolean observability: - description: 'Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.' properties: enabled: - description: 'Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.' type: boolean type: object security: - description: 'Security: Security profile to enable security features on cilium based cluster.' properties: enabled: - description: |- - Enabled: This feature allows user to configure network policy based on DNS (FQDN) names. It can be enabled only on - cilium based clusters. If not specified, the default is false. type: boolean type: object type: object dnsServiceIP: - description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. type: string ipFamilies: - description: |- - IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value - is IPv4. For dual-stack, the expected values are IPv4 and IPv6. items: type: string type: array loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' 
properties: allocatedOutboundPorts: - description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. type: integer backendPoolType: - description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' type: string effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. type: integer countIPv6: - description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' properties: publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' 
items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' properties: publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. type: string natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' properties: effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 4 minutes. type: integer managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. type: integer type: object type: object networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' 
type: string networkMode: - description: 'NetworkMode: This cannot be specified if networkPlugin is anything other than ''azure''.' type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' type: string networkPluginMode: - description: 'NetworkPluginMode: The mode the network plugin should use.' type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' type: string outboundType: - description: |- - OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see - [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' type: string podCidrs: - description: |- - PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. items: type: string type: array serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. type: string serviceCidrs: - description: |- - ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is - expected for dual-stack networking. They must not overlap with any Subnet IP ranges. items: type: string type: array type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string nodeResourceGroupProfile: - description: 'NodeResourceGroupProfile: Profile of the node resource group configuration.' properties: restrictionLevel: - description: |- - RestrictionLevel: The restriction level applied to the cluster's node resource group. 
If not specified, the default is - 'Unrestricted' type: string type: object oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' properties: enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean issuerURL: - description: 'IssuerURL: The OIDC issuer url of the Managed Cluster.' type: string type: object podIdentityProfile: - description: |- - PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more - details on AAD pod identity integration. properties: allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod - Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. properties: bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' type: string type: object name: - description: 'Name: The name of the pod identity.' 
type: string namespace: - description: 'Namespace: The namespace of the pod identity.' type: string provisioningInfo: properties: error: - description: 'Error: Pod identity assignment error (if any).' properties: error: - description: 'Error: Details about the error.' properties: code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' type: string details: - description: 'Details: A list of additional details about the error.' items: properties: code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' type: string message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' type: string target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' type: string type: object type: array message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' type: string target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' type: string type: object type: object type: object provisioningState: - description: 'ProvisioningState: The current provisioning state of the pod identity.' type: string type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: |- - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' 
type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' type: object type: object type: array type: object powerState: - description: 'PowerState: The Power State of the cluster.' properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object privateFQDN: - description: 'PrivateFQDN: The FQDN of private cluster.' type: string privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: A private link resource properties: groupId: - description: 'GroupId: The group ID of the resource.' type: string id: - description: 'Id: The ID of the private link resource.' type: string name: - description: 'Name: The name of the private link resource.' type: string privateLinkServiceID: - description: 'PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.' type: string requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' type: string type: object type: array provisioningState: - description: 'ProvisioningState: The current provisioning state.' type: string publicNetworkAccess: - description: 'PublicNetworkAccess: Allow or deny public network access for AKS' type: string resourceUID: - description: |- - ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create - sequence) type: string securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. 
properties: enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the - key vault allows public access from all networks. `Private` means the key vault disables public access and enables - private link. The default value is `Public`. type: string keyVaultResourceId: - description: |- - KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must - be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. type: string type: object defender: - description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceId: - description: |- - LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. - When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft - Defender is disabled, leave the field empty. type: string securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' 
properties: enabled: - description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' type: boolean intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' type: integer type: object workloadIdentity: - description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: - description: 'Enabled: Whether to enable workload identity.' type: boolean type: object type: object serviceMeshProfile: - description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' properties: istio: - description: 'Istio: Istio service mesh configuration.' properties: certificateAuthority: - description: |- - CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin - certificates as described here https://aka.ms/asm-plugin-ca properties: plugin: - description: 'Plugin: Plugin certificates information for Service Mesh.' properties: certChainObjectName: - description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' type: string certObjectName: - description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' type: string keyObjectName: - description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' type: string keyVaultId: - description: 'KeyVaultId: The resource ID of the Key Vault.' type: string rootCertObjectName: - description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' 
type: string type: object type: object components: - description: 'Components: Istio components configuration.' properties: egressGateways: - description: 'EgressGateways: Istio egress gateways.' items: - description: Istio egress gateway configuration. properties: enabled: - description: 'Enabled: Whether to enable the egress gateway.' type: boolean type: object type: array ingressGateways: - description: 'IngressGateways: Istio ingress gateways.' items: - description: |- - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: - description: 'Enabled: Whether to enable the ingress gateway.' type: boolean mode: - description: 'Mode: Mode of an ingress gateway.' type: string type: object type: array type: object revisions: - description: |- - Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. - When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: - https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string type: array type: object mode: - description: 'Mode: Mode of the service mesh.' type: string type: object servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. properties: clientId: - description: 'ClientId: The ID for the service principal.' type: string type: object sku: - description: 'Sku: The managed cluster SKU.' properties: name: - description: 'Name: The name of a managed cluster SKU.' type: string tier: - description: |- - Tier: If not specified, the default is 'Free'. See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. 
type: string type: object storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' properties: blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' type: boolean type: object fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object supportPlan: - description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' type: string systemData: - description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' properties: createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' type: string createdBy: - description: 'CreatedBy: The identity that created the resource.' type: string createdByType: - description: 'CreatedByType: The type of identity that created the resource.' type: string lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' type: string lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' 
type: string lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' type: string type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object type: - description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading a cluster.' properties: overrideSettings: - description: 'OverrideSettings: Settings for overrides.' properties: forceUpgrade: - description: |- - ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade - protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: - description: |- - Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the - effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set - by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: adminUsername: - description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." - Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". 
- Minimum-length: 1 character - Max-length: 20 characters type: string enableCSIProxy: - description: |- - EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: - description: 'Enabled: Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. type: string type: object workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' properties: keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable KEDA.' type: boolean type: object verticalPodAutoscaler: - description: 'VerticalPodAutoscaler: VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable VPA. Default value is false.' type: boolean type: object type: object 
@@ -33954,50 +22416,24 @@ spec: name: v1api20240901storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20240901.ManagedCluster - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20240901.ManagedCluster_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: |- - Storage version of v1api20240901.ManagedClusterAADProfile - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: 
@@ -34018,16 +22454,10 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20240901.ManagedClusterAddonProfile - A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: 
@@ -34039,73 +22469,45 @@ spec: type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20240901.ManagedClusterAgentPoolProfile - Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: type: string type: array capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: type: integer creationData: - description: |- - Storage version of v1api20240901.CreationData - Data used when creating a target resource from a source resource. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -34122,39 +22524,22 @@ spec: gpuInstanceProfile: type: string hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: |- - Storage version of v1api20240901.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: 
@@ -34184,30 +22569,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20240901.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20240901.SysctlConfig - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -34282,29 +22655,17 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20240901.AgentPoolNetworkProfile - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20240901.PortRange - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -34316,38 +22677,24 @@ spec: type: array applicationSecurityGroupsReferences: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20240901.IPTag - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string 
@@ -34361,25 +22708,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: 
@@ -34397,61 +22734,36 @@ spec: osType: type: string podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object powerState: - description: |- - Storage version of v1api20240901.PowerState - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: @@ -34461,16 +22773,10 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20240901.AgentPoolSecurityProfile - The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean @@ -34486,16 +22792,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20240901.AgentPoolUpgradeSettings - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer 
@@ -34507,39 +22807,22 @@ spec: vmSize: type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object windowsProfile: - description: |- - Storage version of v1api20240901.AgentPoolWindowsProfile - The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean 
@@ -34549,16 +22832,10 @@ spec: type: object type: array apiServerAccessProfile: - description: |- - Storage version of v1api20240901.ManagedClusterAPIServerAccessProfile - Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -34574,14 +22851,10 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20240901.ManagedClusterProperties_AutoScalerProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string @@ -34625,16 +22898,10 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20240901.ManagedClusterAutoUpgradeProfile - Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object nodeOSUpgradeChannel: type: string 
@@ -34642,46 +22909,24 @@ spec: type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20240901.ManagedClusterAzureMonitorProfile - Azure Monitor addon profiles for monitoring the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metrics: - description: |- - Storage version of v1api20240901.ManagedClusterAzureMonitorProfileMetrics - Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: |- - Storage version of v1api20240901.ManagedClusterAzureMonitorProfileKubeStateMetrics - Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string 
@@ -34691,32 +22936,19 @@ spec: type: object type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string disableLocalAccounts: type: boolean diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: This is of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object dnsPrefix: @@ -34726,16 +22958,10 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20240901.ExtendedLocation - The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -34745,16 +22971,10 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20240901.ManagedClusterHTTPProxyConfig - Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string 
@@ -34768,52 +22988,32 @@ spec: type: string type: object identity: - description: |- - Storage version of v1api20240901.ManagedClusterIdentity - Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object delegatedResources: additionalProperties: - description: |- - Storage version of v1api20240901.DelegatedResource - Delegated resource properties - internal use only. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object location: type: string referralResource: type: string resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object tenantId: 
@@ -34824,35 +23024,21 @@ spec: type: string userAssignedIdentities: items: - description: |- - Storage version of v1api20240901.UserAssignedIdentityDetails - Information about the user assigned identity for the resource properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -34860,31 +23046,18 @@ spec: type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20240901.UserAssignedIdentity - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string clientIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key 
@@ -34893,87 +23066,52 @@ spec: objectId: type: string objectIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: object ingressProfile: - description: |- - Storage version of v1api20240901.ManagedClusterIngressProfile - Ingress profile for the container service cluster. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object webAppRouting: - description: |- - Storage version of v1api20240901.ManagedClusterIngressProfileWebAppRouting - Application Routing add-on settings for the ingress profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsZoneResourceReferences: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array 
@@ -34984,43 +23122,25 @@ spec: kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20240901.ContainerServiceLinuxProfile - Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: |- - Storage version of v1api20240901.ContainerServiceSshConfiguration - SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: |- - Storage version of v1api20240901.ContainerServiceSshPublicKey - Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keyData: type: string 
@@ -35031,86 +23151,49 @@ spec: location: type: string metricsProfile: - description: |- - Storage version of v1api20240901.ManagedClusterMetricsProfile - The metrics profile for the ManagedCluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object costAnalysis: - description: |- - Storage version of v1api20240901.ManagedClusterCostAnalysis - The cost analysis configuration for the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object networkProfile: - description: |- - Storage version of v1api20240901.ContainerServiceNetworkProfile - Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object advancedNetworking: - description: |- - Storage version of v1api20240901.AdvancedNetworking - Advanced Networking profile for enabling observability and security feature suite on a cluster. For more information see - aka.ms/aksadvancednetworking. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean observability: - description: |- - Storage version of v1api20240901.AdvancedNetworkingObservability - Observability profile to enable advanced network metrics and flow logs with historical contexts. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object security: - description: |- - Storage version of v1api20240901.AdvancedNetworkingSecurity - Security profile to enable security features on cilium based cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -35123,16 +23206,10 @@ spec: type: string type: array loadBalancerProfile: - description: |- - Storage version of v1api20240901.ManagedClusterLoadBalancerProfile - Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer 
@@ -35140,35 +23217,21 @@ spec: type: string effectiveOutboundIPs: items: - description: |- - Storage version of v1api20240901.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object @@ -35178,14 +23241,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -35193,92 +23252,56 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20240901.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object type: array type: object outboundIPs: - description: Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_OutboundIPs properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: |- - Storage version of v1api20240901.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -35288,48 +23311,28 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: |- - Storage version of v1api20240901.ManagedClusterNATGatewayProfile - Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: |- - Storage version of v1api20240901.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -35337,16 +23340,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20240901.ManagedClusterManagedOutboundIPProfile - Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -35380,70 +23377,37 @@ spec: nodeResourceGroup: type: string nodeResourceGroupProfile: - description: |- - Storage version of v1api20240901.ManagedClusterNodeResourceGroupProfile - Node resource group lockdown profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object restrictionLevel: type: string type: object oidcIssuerProfile: - description: |- - Storage version of v1api20240901.ManagedClusterOIDCIssuerProfile - The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object operatorSpec: - description: |- - Storage version of v1api20240901.ManagedClusterOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -35451,28 +23415,16 @@ spec: type: object type: array configMaps: - description: Storage version of v1api20240901.ManagedClusterOperatorConfigMaps properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object oidcIssuerProfile: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to: SecretDestination in secrets.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -35481,27 +23433,12 @@ spec: type: object secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -35509,46 +23446,26 @@ spec: type: object type: array secrets: - description: Storage version of v1api20240901.ManagedClusterOperatorSecrets properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to: ConfigMapDestination in configmaps.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key - name type: object userCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to: ConfigMapDestination in configmaps.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key 
@@ -35559,30 +23476,18 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: - description: |- - Storage version of v1api20240901.ManagedClusterPodIdentityProfile - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean 
@@ -35590,45 +23495,26 @@ spec: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20240901.ManagedClusterPodIdentity - Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: |- - Storage version of v1api20240901.UserAssignedIdentity - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string clientIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key 
@@ -35637,40 +23523,25 @@ spec: objectId: type: string objectIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -35682,17 +23553,10 @@ spec: type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20240901.ManagedClusterPodIdentityException - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -35707,39 +23571,25 @@ spec: type: object privateLinkResources: items: - description: |- - Storage version of v1api20240901.PrivateLinkResource - A private link resource properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupId: type: string name: type: string reference: - description: 'Reference: The ID of the private link resource.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requiredMembers: 
@@ -35753,28 +23603,16 @@ spec: publicNetworkAccess: type: string securityProfile: - description: |- - Storage version of v1api20240901.ManagedClusterSecurityProfile - Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: |- - Storage version of v1api20240901.AzureKeyVaultKms - Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -35783,91 +23621,51 @@ spec: keyVaultNetworkAccess: type: string keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object defender: - description: |- - Storage version of v1api20240901.ManagedClusterSecurityProfileDefender - Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object securityMonitoring: - description: |- - Storage version of v1api20240901.ManagedClusterSecurityProfileDefenderSecurityMonitoring - Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: |- - Storage version of v1api20240901.ManagedClusterSecurityProfileImageCleaner - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -35875,69 +23673,38 @@ spec: type: integer type: object workloadIdentity: - description: |- - Storage version of v1api20240901.ManagedClusterSecurityProfileWorkloadIdentity - Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object serviceMeshProfile: - description: |- - Storage version of v1api20240901.ServiceMeshProfile - Service mesh profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object istio: - description: |- - Storage version of v1api20240901.IstioServiceMesh - Istio service mesh configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certificateAuthority: - description: |- - Storage version of v1api20240901.IstioCertificateAuthority - Istio Service Mesh Certificate Authority (CA) configuration. 
For now, we only support plugin certificates as described - here https://aka.ms/asm-plugin-ca properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object plugin: - description: |- - Storage version of v1api20240901.IstioPluginCertificateAuthority - Plugin certificates information for Service Mesh. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certChainObjectName: type: string @@ -35946,23 +23713,15 @@ spec: keyObjectName: type: string keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object rootCertObjectName: 
@@ -35970,29 +23729,17 @@ spec: type: object type: object components: - description: |- - Storage version of v1api20240901.IstioComponents - Istio components configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object egressGateways: items: - description: |- - Storage version of v1api20240901.IstioEgressGateway - Istio egress gateway configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -36000,17 +23747,10 @@ spec: type: array ingressGateways: items: - description: |- - Storage version of v1api20240901.IstioIngressGateway - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -36028,31 +23768,18 @@ spec: type: string type: object servicePrincipalProfile: - description: |- - Storage version of v1api20240901.ManagedClusterServicePrincipalProfile - Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string secret: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -36060,16 +23787,10 @@ spec: type: object type: object sku: - description: |- - Storage version of v1api20240901.ManagedClusterSKU - The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -36077,73 +23798,43 @@ spec: type: string type: object storageProfile: - description: |- - Storage version of v1api20240901.ManagedClusterStorageProfile - Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: |- - Storage version of v1api20240901.ManagedClusterStorageProfileBlobCSIDriver - AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20240901.ManagedClusterStorageProfileDiskCSIDriver - AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object fileCSIDriver: - description: |- - Storage version of v1api20240901.ManagedClusterStorageProfileFileCSIDriver - AzureFile CSI Driver settings for the storage profile. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: |- - Storage version of v1api20240901.ManagedClusterStorageProfileSnapshotController - Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -36156,28 +23847,16 @@ spec: type: string type: object upgradeSettings: - description: |- - Storage version of v1api20240901.ClusterUpgradeSettings - Settings for upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object overrideSettings: - description: |- - Storage version of v1api20240901.UpgradeOverrideSettings - Settings for overrides when upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object forceUpgrade: type: boolean 
@@ -36186,29 +23865,16 @@ spec: type: object type: object windowsProfile: - description: |- - Storage version of v1api20240901.ManagedClusterWindowsProfile - Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminPassword: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -36219,16 +23885,10 @@ spec: enableCSIProxy: type: boolean gmsaProfile: - description: |- - Storage version of v1api20240901.WindowsGmsaProfile - Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string 
@@ -36241,43 +23901,25 @@ spec: type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20240901.ManagedClusterWorkloadAutoScalerProfile - Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keda: - description: |- - Storage version of v1api20240901.ManagedClusterWorkloadAutoScalerProfileKeda - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object verticalPodAutoscaler: - description: |- - Storage version of v1api20240901.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler - VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -36287,28 +23929,16 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20240901.ManagedCluster_STATUS - Managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: |- - Storage version of v1api20240901.ManagedClusterAADProfile_STATUS - For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -36329,16 +23959,10 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20240901.ManagedClusterAddonProfile_STATUS - A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -36347,16 +23971,10 @@ spec: enabled: type: boolean identity: - description: |- - Storage version of v1api20240901.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string 
@@ -36369,16 +23987,10 @@ spec: type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20240901.ManagedClusterAgentPoolProfile_STATUS - Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: @@ -36389,16 +24001,10 @@ spec: count: type: integer creationData: - description: |- - Storage version of v1api20240901.CreationData_STATUS - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -36422,16 +24028,10 @@ spec: hostGroupID: type: string kubeletConfig: - description: |- - Storage version of v1api20240901.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: 
@@ -36461,30 +24061,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20240901.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20240901.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -36559,29 +24147,17 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20240901.AgentPoolNetworkProfile_STATUS - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20240901.PortRange_STATUS - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -36597,16 +24173,10 @@ spec: type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20240901.IPTag_STATUS - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -36640,16 +24210,10 @@ spec: podSubnetID: type: string powerState: - description: |- - Storage version of v1api20240901.PowerState_STATUS - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -36665,16 +24229,10 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20240901.AgentPoolSecurityProfile_STATUS - The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean @@ -36690,16 +24248,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20240901.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer 
@@ -36713,16 +24265,10 @@ spec: vnetSubnetID: type: string windowsProfile: - description: |- - Storage version of v1api20240901.AgentPoolWindowsProfile_STATUS - The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean @@ -36732,16 +24278,10 @@ spec: type: object type: array apiServerAccessProfile: - description: |- - Storage version of v1api20240901.ManagedClusterAPIServerAccessProfile_STATUS - Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -36757,14 +24297,10 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20240901.ManagedClusterProperties_AutoScalerProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string 
@@ -36808,16 +24344,10 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20240901.ManagedClusterAutoUpgradeProfile_STATUS - Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object nodeOSUpgradeChannel: type: string 
@@ -36825,46 +24355,24 @@ spec: type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20240901.ManagedClusterAzureMonitorProfile_STATUS - Azure Monitor addon profiles for monitoring the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metrics: - description: |- - Storage version of v1api20240901.ManagedClusterAzureMonitorProfileMetrics_STATUS - Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: |- - Storage version of v1api20240901.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS - Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string 
@@ -36877,39 +24385,22 @@ spec: type: string conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -36933,16 +24424,10 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20240901.ExtendedLocation_STATUS - The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -36954,16 +24439,10 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20240901.ManagedClusterHTTPProxyConfig_STATUS - Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string @@ -36979,29 +24458,17 @@ spec: id: type: string identity: - description: |- - Storage version of v1api20240901.ManagedClusterIdentity_STATUS - Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object delegatedResources: additionalProperties: - description: |- - Storage version of v1api20240901.DelegatedResource_STATUS - Delegated resource properties - internal use only. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object location: type: string 
@@ -37021,14 +24488,10 @@ spec: type: string userAssignedIdentities: additionalProperties: - description: Storage version of v1api20240901.ManagedClusterIdentity_UserAssignedIdentities_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -37039,16 +24502,10 @@ spec: type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20240901.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -37059,28 +24516,16 @@ spec: type: object type: object ingressProfile: - description: |- - Storage version of v1api20240901.ManagedClusterIngressProfile_STATUS - Ingress profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object webAppRouting: - description: |- - Storage version of v1api20240901.ManagedClusterIngressProfileWebAppRouting_STATUS - Application Routing add-on settings for the ingress profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsZoneResourceIds: items: 
@@ -37089,16 +24534,10 @@ spec: enabled: type: boolean identity: - description: |- - Storage version of v1api20240901.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -37112,43 +24551,25 @@ spec: kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20240901.ContainerServiceLinuxProfile_STATUS - Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: |- - Storage version of v1api20240901.ContainerServiceSshConfiguration_STATUS - SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: |- - Storage version of v1api20240901.ContainerServiceSshPublicKey_STATUS - Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keyData: type: string 
@@ -37161,28 +24582,16 @@ spec: maxAgentPools: type: integer metricsProfile: - description: |- - Storage version of v1api20240901.ManagedClusterMetricsProfile_STATUS - The metrics profile for the ManagedCluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object costAnalysis: - description: |- - Storage version of v1api20240901.ManagedClusterCostAnalysis_STATUS - The cost analysis configuration for the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -37191,58 +24600,33 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20240901.ContainerServiceNetworkProfile_STATUS - Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object advancedNetworking: - description: |- - Storage version of v1api20240901.AdvancedNetworking_STATUS - Advanced Networking profile for enabling observability and security feature suite on a cluster. For more information see - aka.ms/aksadvancednetworking. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean observability: - description: |- - Storage version of v1api20240901.AdvancedNetworkingObservability_STATUS - Observability profile to enable advanced network metrics and flow logs with historical contexts. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object security: - description: |- - Storage version of v1api20240901.AdvancedNetworkingSecurity_STATUS - Security profile to enable security features on cilium based cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -37255,16 +24639,10 @@ spec: type: string type: array loadBalancerProfile: - description: |- - Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_STATUS - Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer @@ -37272,16 +24650,10 @@ spec: type: string effectiveOutboundIPs: items: - description: |- - Storage version of v1api20240901.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -37292,14 +24664,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -37307,27 +24675,17 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20240901.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -37335,27 +24693,17 @@ spec: type: array type: object outboundIPs: - description: Storage version of v1api20240901.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: |- - Storage version of v1api20240901.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -37366,29 +24714,17 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: |- - Storage version of v1api20240901.ManagedClusterNATGatewayProfile_STATUS - Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: |- - Storage version of v1api20240901.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -37397,16 +24733,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20240901.ManagedClusterManagedOutboundIPProfile_STATUS - Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -37440,31 +24770,19 @@ spec: nodeResourceGroup: type: string nodeResourceGroupProfile: - description: |- - Storage version of v1api20240901.ManagedClusterNodeResourceGroupProfile_STATUS - Node resource group lockdown profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object restrictionLevel: type: string type: object oidcIssuerProfile: - description: |- - Storage version of v1api20240901.ManagedClusterOIDCIssuerProfile_STATUS - The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -37472,17 +24790,10 @@ spec: type: string type: object podIdentityProfile: - description: |- - Storage version of v1api20240901.ManagedClusterPodIdentityProfile_STATUS - See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod - identity integration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean 
@@ -37490,30 +24801,18 @@ spec: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20240901.ManagedClusterPodIdentity_STATUS - Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: |- - Storage version of v1api20240901.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string 
@@ -37527,51 +24826,31 @@ spec: namespace: type: string provisioningInfo: - description: Storage version of v1api20240901.ManagedClusterPodIdentity_ProvisioningInfo_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object error: - description: |- - Storage version of v1api20240901.ManagedClusterPodIdentityProvisioningError_STATUS - An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object error: - description: |- - Storage version of v1api20240901.ManagedClusterPodIdentityProvisioningErrorBody_STATUS - An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string details: items: - description: Storage version of v1api20240901.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string 
@@ -37594,17 +24873,10 @@ spec: type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20240901.ManagedClusterPodIdentityException_STATUS - See [disable AAD Pod Identity for a specific - Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -37618,16 +24890,10 @@ spec: type: array type: object powerState: - description: |- - Storage version of v1api20240901.PowerState_STATUS - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -37636,16 +24902,10 @@ spec: type: string privateLinkResources: items: - description: |- - Storage version of v1api20240901.PrivateLinkResource_STATUS - A private link resource properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupId: type: string 
@@ -37670,28 +24930,16 @@ spec: resourceUID: type: string securityProfile: - description: |- - Storage version of v1api20240901.ManagedClusterSecurityProfile_STATUS - Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: |- - Storage version of v1api20240901.AzureKeyVaultKms_STATUS - Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -37703,47 +24951,28 @@ spec: type: string type: object defender: - description: |- - Storage version of v1api20240901.ManagedClusterSecurityProfileDefender_STATUS - Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceId: type: string securityMonitoring: - description: |- - Storage version of v1api20240901.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS - Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: |- - Storage version of v1api20240901.ManagedClusterSecurityProfileImageCleaner_STATUS - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -37751,69 +24980,38 @@ spec: type: integer type: object workloadIdentity: - description: |- - Storage version of v1api20240901.ManagedClusterSecurityProfileWorkloadIdentity_STATUS - Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object serviceMeshProfile: - description: |- - Storage version of v1api20240901.ServiceMeshProfile_STATUS - Service mesh profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object istio: - description: |- - Storage version of v1api20240901.IstioServiceMesh_STATUS - Istio service mesh configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certificateAuthority: - description: |- - Storage version of v1api20240901.IstioCertificateAuthority_STATUS - Istio Service Mesh Certificate Authority (CA) configuration. 
For now, we only support plugin certificates as described - here https://aka.ms/asm-plugin-ca properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object plugin: - description: |- - Storage version of v1api20240901.IstioPluginCertificateAuthority_STATUS - Plugin certificates information for Service Mesh. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certChainObjectName: type: string @@ -37828,29 +25026,17 @@ spec: type: object type: object components: - description: |- - Storage version of v1api20240901.IstioComponents_STATUS - Istio components configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object egressGateways: items: - description: |- - Storage version of v1api20240901.IstioEgressGateway_STATUS - Istio egress gateway configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -37858,17 +25044,10 @@ spec: type: array ingressGateways: items: - description: |- - Storage version of v1api20240901.IstioIngressGateway_STATUS - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -37886,31 +25065,19 @@ spec: type: string type: object servicePrincipalProfile: - description: |- - Storage version of v1api20240901.ManagedClusterServicePrincipalProfile_STATUS - Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string type: object sku: - description: |- - Storage version of v1api20240901.ManagedClusterSKU_STATUS - The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -37918,73 +25085,43 @@ spec: type: string type: object storageProfile: - description: |- - Storage version of v1api20240901.ManagedClusterStorageProfile_STATUS - Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: |- - Storage version of v1api20240901.ManagedClusterStorageProfileBlobCSIDriver_STATUS - AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20240901.ManagedClusterStorageProfileDiskCSIDriver_STATUS - AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object fileCSIDriver: - description: |- - Storage version of v1api20240901.ManagedClusterStorageProfileFileCSIDriver_STATUS - AzureFile CSI Driver settings for the storage profile. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: |- - Storage version of v1api20240901.ManagedClusterStorageProfileSnapshotController_STATUS - Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -37993,16 +25130,10 @@ spec: supportPlan: type: string systemData: - description: |- - Storage version of v1api20240901.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object createdAt: type: string 
@@ -38024,28 +25155,16 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20240901.ClusterUpgradeSettings_STATUS - Settings for upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object overrideSettings: - description: |- - Storage version of v1api20240901.UpgradeOverrideSettings_STATUS - Settings for overrides when upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object forceUpgrade: type: boolean @@ -38054,32 +25173,20 @@ spec: type: object type: object windowsProfile: - description: |- - Storage version of v1api20240901.ManagedClusterWindowsProfile_STATUS - Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: |- - Storage version of v1api20240901.WindowsGmsaProfile_STATUS - Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string 
@@ -38092,43 +25199,25 @@ spec: type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20240901.ManagedClusterWorkloadAutoScalerProfile_STATUS - Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keda: - description: |- - Storage version of v1api20240901.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object verticalPodAutoscaler: - description: |- - Storage version of v1api20240901.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS - VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -38156,183 +25245,101 @@ spec: name: v1api20250801 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' properties: adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. 
Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. properties: config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean required: - enabled type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' items: - description: Profile for the container service agent pool. properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: Whether to enable host based OS and data drive encryption. This is only supported on certain VM - sizes and in certain Azure regions. 
For more information, see: - https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: Whether to use a FIPS-enabled OS. See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Whether each node is allocated its own public IP. Some scenarios may require nodes in a node pool to - receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to - make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP - per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). - The default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gatewayProfile: - description: |- - GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is - not Gateway. properties: publicIPPrefixSize: - description: |- - PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide - public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with - one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure - public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 - nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. maximum: 31 minimum: 28 type: integer type: object gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' enum: - MIG1g - MIG2g 
@@ -38341,270 +25348,163 @@ spec: - MIG7g type: string gpuProfile: - description: 'GpuProfile: GPU settings for the Agent Pool.' properties: driver: - description: 'Driver: Whether to install GPU drivers. When it''s not specified, default is Install.' enum: - Install - None type: string type: object hostGroupReference: - description: |- - HostGroupReference: The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used - only in creation scenario and not allowed to changed once set. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' 
items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: If CPU CFS quota enforcement is enabled for containers that specify CPU limits. The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The CPU CFS quota period value. The default is '100ms.' Valid values are a sequence of decimal - numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', - 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The CPU Manager policy to use. The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: |- - ImageGcHighThreshold: The percent of disk usage after which image garbage collection is always run. To disable image - garbage collection, set to 100. The default is 85% type: integer imageGcLowThreshold: - description: |- - ImageGcLowThreshold: The percent of disk usage before which image garbage collection is never run. This cannot be set - higher than imageGcHighThreshold. The default is 80% type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: The Topology Manager policy to use. 
For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. enum: - OS - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' 
type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' maximum: 90 minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' maximum: 524288 minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' maximum: 2097152 minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' 
type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Whether the kernel should make aggressive use of memory compaction to make more hugepages - available. Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For - more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Whether transparent hugepages are enabled. Valid values are 'always', 'madvise', and - 'never'. The default is 'always'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: |- - MessageOfTheDay: Message of the day for Linux nodes, base64-encoded. A base64-encoded string which will be written to - /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified - for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script). type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: The mode of an agent pool. A cluster must have at least one 'System' Agent Pool at all times. 
For additional - information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - Gateway - System - User type: string name: - description: |- - Name: Unique name of the agent pool profile in the context of the subscription and resource group. Windows agent pool - names must be 6 characters or less. pattern: ^[a-z][a-z0-9]{0,11}$ type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. maximum: 65535 minimum: 1 type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. maximum: 65535 minimum: 1 type: integer protocol: - description: 'Protocol: The network protocol of the port.' enum: - TCP - UDP 
@@ -38612,40 +25512,25 @@ spec: type: object type: array applicationSecurityGroupsReferences: - description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array 
@@ -38653,64 +25538,35 @@ spec: nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: The public IP prefix ID which VM nodes should use IPs from. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: The version of Kubernetes specified by the user. Both patch version (e.g. - 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch - version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x - -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade - all node pools in an AKS cluster to the same Kubernetes version. 
The node pool version must have the same major version - as the control plane. The node pool minor version must be within two minor versions of the control plane version. The - node pool version cannot be greater than the control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The OS disk type to be used for machines in the agent pool. The default is 'Ephemeral' if the VM supports it - and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after - creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. enum: - AzureLinux - AzureLinux3 
@@ -38721,174 +25577,101 @@ spec: - Windows2022 type: string osType: - description: 'OsType: The operating system type. The default is Linux.' enum: - Linux - Windows type: string podIPAllocationMode: - description: |- - PodIPAllocationMode: Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with - podSubnetId. The default is 'DynamicIndividual'. enum: - DynamicIndividual - StaticBlock type: string podSubnetReference: - description: |- - PodSubnetReference: The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned - on the node subnet (see vnetSubnetID for more details). This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object powerState: - description: |- - PowerState: Whether the Agent Pool is running or stopped. When an Agent Pool is first created it is initially Running. - The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not - accrue billing charges. 
An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' enum: - Running - Stopped type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: - description: |- - ScaleDownMode: The scale down mode to use when scaling the Agent Pool. This also effects the cluster autoscaler - behavior. If not specified, it defaults to Delete. enum: - Deallocate - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: The Virtual Machine Scale Set eviction policy to use. This cannot be specified unless the - scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'. enum: - Deallocate - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' enum: - Regular - Spot type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' 
properties: enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' enum: - Disabled - LocalUser type: string type: object spotMaxPrice: - description: |- - SpotMaxPrice: The max price (in US Dollars) you are willing to pay for spot instances. Possible values are any decimal - value greater than zero or -1 which indicates default price to be up-to on-demand. Possible values are any decimal value - greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, - see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' enum: - AvailabilitySet - VirtualMachineScaleSets - VirtualMachines type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The drain timeout for a node. The amount of time (in minutes) to wait on eviction of pods and - graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is - exceeded, the upgrade fails. If not specified, the default is 30 minutes. 
maximum: 1440 minimum: 1 type: integer maxSurge: - description: |- - MaxSurge: The maximum number or percentage of nodes that are surged during upgrade. This can either be set to an integer - (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size - at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 10%. For - more information, including best practices, see: https://learn.microsoft.com/en-us/azure/aks/upgrade-cluster type: string maxUnavailable: - description: |- - MaxUnavailable: The maximum number or percentage of nodes that can be simultaneously unavailable during upgrade. This - can either be set to an integer (e.g. '1') or a percentage (e.g. '5%'). If a percentage is specified, it is the - percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If - not specified, the default is 0. For more information, including best practices, see: - https://learn.microsoft.com/en-us/azure/aks/upgrade-cluster type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The soak duration for a node. The amount of time (in minutes) to wait after draining a node - and before reimaging it and moving on to next node. If not specified, the default is 0 minutes. maximum: 30 minimum: 0 type: integer undrainableNodeBehavior: - description: |- - UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable - nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the - remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. enum: - Cordon - Schedule 
@@ -38896,80 +25679,48 @@ spec: type: object virtualMachineNodesStatus: items: - description: Current status on a group of nodes of the same vm size. properties: count: - description: 'Count: Number of nodes.' type: integer size: - description: 'Size: The VM size of the agents used to host this group of nodes.' type: string type: object type: array virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' properties: scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' properties: manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' items: - description: Specifications on number of machines. properties: count: - description: 'Count: Number of nodes.' type: integer size: - description: |- - Size: VM size that AKS will use when creating and scaling e.g. 'Standard_E4s_v3', 'Standard_E16s_v3' or - 'Standard_D16s_v5'. type: string type: object type: array type: object type: object vmSize: - description: |- - VmSize: The size of the agent pool VMs. VM size availability varies by region. If a node contains insufficient compute - resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: |- - VnetSubnetReference: The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is - not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and - pods, otherwise it applies to just nodes. 
This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: |- - DisableOutboundNat: Whether to disable OutboundNAT in windows nodes. The default value is false. Outbound NAT can only - be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' enum: - OCIContainer - WasmWasi 
@@ -38979,96 +25730,48 @@ spec: type: object type: array aiToolchainOperatorProfile: - description: 'AiToolchainOperatorProfile: AI toolchain operator settings that apply to the whole cluster.' properties: enabled: - description: 'Enabled: Whether to enable AI toolchain operator to the cluster. Indicates if AI toolchain operator enabled or not.' type: boolean type: object apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: |- - AuthorizedIPRanges: The IP ranges authorized to access the Kubernetes API server. IP ranges are specified in CIDR - format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters - that are using a Basic Load Balancer. For more information see [API server authorized IP - ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: Whether to create the cluster as a private cluster or not. For more details, see [Creating a - private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean enableVnetIntegration: - description: |- - EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not. See - aka.ms/AksVnetIntegration for more details. type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The private DNS zone mode for the cluster. The default is System. For more details see [configure - private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). 
Allowed values are - 'system' and 'none'. type: string subnetReference: - description: |- - SubnetReference: The subnet to be used when apiserver vnet integration is enabled. It is required when creating a new - cluster with BYO Vnet, or when updating an existing cluster to enable apiserver vnet integration. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' properties: balance-similar-node-groups: - description: |- - BalanceSimilarNodeGroups: Detects similar node pools and balances the number of nodes between them. Valid values are - 'true' and 'false' type: string daemonset-eviction-for-empty-nodes: - description: |- - DaemonsetEvictionForEmptyNodes: DaemonSet pods will be gracefully terminated from empty nodes. If set to true, all - daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted - another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods - are deleted or evicted. 
type: boolean daemonset-eviction-for-occupied-nodes: - description: |- - DaemonsetEvictionForOccupiedNodes: DaemonSet pods will be gracefully terminated from non-empty nodes. If set to true, - all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted - another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods - are deleted or evicted. type: boolean expander: - description: |- - Expander: The expander to use when scaling up. If not specified, the default is 'random'. See - [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more - information. enum: - least-waste - most-pods 
@@ -39076,93 +25779,41 @@ spec: - random type: string ignore-daemonsets-utilization: - description: |- - IgnoreDaemonsetsUtilization: Should CA ignore DaemonSet pods when calculating resource utilization for scaling down. If - set to true, the resources used by daemonset will be taken into account when making scaling down decisions. type: boolean max-empty-bulk-delete: - description: |- - MaxEmptyBulkDelete: The maximum number of empty nodes that can be deleted at the same time. This must be a positive - integer. The default is 10. type: string max-graceful-termination-sec: - description: |- - MaxGracefulTerminationSec: The maximum number of seconds the cluster autoscaler waits for pod termination when trying to - scale down a node. The default is 600. type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The maximum time the autoscaler waits for a node to be provisioned. The default is '15m'. Values - must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. type: string max-total-unready-percentage: - description: |- - MaxTotalUnreadyPercentage: The maximum percentage of unready nodes in the cluster. After this percentage is exceeded, - cluster autoscaler halts operations. The default is 45. The maximum is 100 and the minimum is 0. type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: Ignore unscheduled pods before they're a certain age. For scenarios like burst/batch scale where you - don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled - pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, - 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: |- - OkTotalUnreadyCount: The number of allowed unready nodes, irrespective of max-total-unready-percentage. This must be an - integer. The default is 3. 
type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: How long after scale up that scale down evaluation resumes. The default is '10m'. Values must be - an integer followed by an 'm'. No unit of time other than minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: How long after node deletion that scale down evaluation resumes. The default is the - scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: How long after scale down failure that scale down evaluation resumes. The default is '3m'. - Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: How long a node should be unneeded before it is eligible for scale down. The default is '10m'. - Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: How long an unready node should be unneeded before it is eligible for scale down. The default is - '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. type: string scale-down-utilization-threshold: - description: |- - ScaleDownUtilizationThreshold: Node utilization level, defined as sum of requested resources divided by capacity, below - which a node can be considered for scale down. The default is '0.5'. type: string scan-interval: - description: |- - ScanInterval: How often cluster is reevaluated for scale up or down. The default is '10'. Values must be an integer - number of seconds. 
type: string skip-nodes-with-local-storage: - description: |- - SkipNodesWithLocalStorage: If cluster autoscaler will skip deleting nodes with pods with local storage, for example, - EmptyDir or HostPath. The default is true. type: string skip-nodes-with-system-pods: - description: |- - SkipNodesWithSystemPods: If cluster autoscaler will skip deleting nodes with pods from kube-system (except for DaemonSet - or mirror pods). The default is true. type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: nodeOSUpgradeChannel: - description: 'NodeOSUpgradeChannel: Node OS Upgrade Channel. Manner in which the OS on your nodes is updated. The default is NodeImage.' enum: - NodeImage - None @@ -39170,9 +25821,6 @@ spec: - Unmanaged type: string upgradeChannel: - description: |- - UpgradeChannel: The upgrade channel for auto upgrade. The default is 'none'. For more information see [setting the AKS - cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). enum: - node-image - none 
@@ -39182,36 +25830,16 @@ spec: type: string type: object azureMonitorProfile: - description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' properties: metrics: - description: |- - Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: enabled: - description: |- - Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See - aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. type: boolean kubeStateMetrics: - description: |- - KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: metricAnnotationsAllowList: - description: |- - MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's - labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric - contains only resource name and namespace labels. type: string metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only - resource name and namespace labels. type: string type: object required: 
@@ -39219,192 +25847,117 @@ spec: type: object type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. maxLength: 63 minLength: 1 pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$ type: string bootstrapProfile: - description: 'BootstrapProfile: Profile of the cluster bootstrap configuration.' properties: artifactSource: - description: 'ArtifactSource: The artifact source. The source where the artifacts are downloaded from.' enum: - Cache - Direct type: string containerRegistryReference: - description: |- - ContainerRegistryReference: The resource Id of Azure Container Registry. The registry must have private network access, - premium SKU and zone redundancy. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object disableLocalAccounts: - description: |- - DisableLocalAccounts: If local accounts should be disabled on the Managed Cluster. If set to true, getting static - credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. 
For more - details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: The Resource ID of the disk encryption set to use for enabling encryption at rest. This is - of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object dnsPrefix: - description: 'DnsPrefix: The DNS prefix of the Managed Cluster. This cannot be updated once the Managed Cluster has been created.' type: string enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' enum: - EdgeZone type: string type: object fqdnSubdomain: - description: |- - FqdnSubdomain: The FQDN subdomain of the private cluster with custom private dns zone. 
This cannot be updated once the - Managed Cluster has been created. type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object identity: - description: 'Identity: The identity of the managed cluster, if configured.' properties: delegatedResources: additionalProperties: - description: Delegated resource properties - internal use only. properties: location: - description: 'Location: The source resource location - internal use only.' type: string referralResource: - description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' type: string resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object tenantId: - description: 'TenantId: The tenant id of the delegated resource - internal use only.' pattern: ^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$ type: string type: object - description: |- - DelegatedResources: The delegated identity resources assigned to this managed cluster. This can only be set by another - Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object type: - description: |- - Type: The type of identity used for the managed cluster. For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). enum: - None - SystemAssigned - UserAssigned type: string userAssignedIdentities: - description: |- - UserAssignedIdentities: The user identity associated with the managed cluster. This identity will be used in control - plane. Only one user assigned identity is allowed. The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. items: - description: Information about the user assigned identity for the resource properties: reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -39412,114 +25965,68 @@ spec: type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string clientIdFromConfig: - description: 'ClientIdFromConfig: The client ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string objectIdFromConfig: - description: 'ObjectIdFromConfig: The object ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object - description: |- - IdentityProfile: The user identity associated with the managed cluster. This identity will be used by the kubelet. Only - one user assigned identity is allowed. The only accepted key is "kubeletidentity", with value of "resourceId": - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}". type: object ingressProfile: - description: 'IngressProfile: Ingress profile for the managed cluster.' properties: webAppRouting: - description: |- - WebAppRouting: App Routing settings for the ingress profile. You can find an overview and onboarding guide for this - feature at https://learn.microsoft.com/en-us/azure/aks/app-routing?tabs=default%2Cdeploy-app-default. properties: dnsZoneResourceReferences: - description: |- - DnsZoneResourceReferences: Resource IDs of the DNS zones to be associated with the Application Routing add-on. Used only - when Application Routing add-on is enabled. Public and private DNS zones can be in different resource groups, but all - public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group. items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array enabled: - description: 'Enabled: Whether to enable the Application Routing add-on.' type: boolean nginx: - description: |- - Nginx: Configuration for the default NginxIngressController. See more at - https://learn.microsoft.com/en-us/azure/aks/app-routing-nginx-configuration#the-default-nginx-ingress-controller. properties: defaultIngressControllerType: - description: 'DefaultIngressControllerType: Ingress type for the default NginxIngressController custom resource' enum: - AnnotationControlled - External 
@@ -39530,37 +26037,20 @@ spec: type: object type: object kind: - description: 'Kind: This is primarily used to expose different UI experiences in the portal for different kinds' type: string kubernetesVersion: - description: |- - KubernetesVersion: The version of Kubernetes specified by the user. Both patch version (e.g. - 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch - version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x - -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS - cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version - number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not - allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' properties: adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' pattern: ^[A-Za-z][-A-Za-z0-9_]*$ type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' properties: publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. properties: keyData: - description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or - without headers. type: string required: - keyData 
@@ -39574,75 +26064,42 @@ spec: - ssh type: object location: - description: 'Location: The geo-location where the resource lives' type: string metricsProfile: - description: 'MetricsProfile: Optional cluster metrics configuration.' properties: costAnalysis: - description: 'CostAnalysis: The configuration for detailed per-Kubernetes resource cost analysis.' properties: enabled: - description: |- - Enabled: Whether to enable cost analysis. The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable - this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure - portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis. type: boolean type: object type: object networkProfile: - description: 'NetworkProfile: The network configuration profile.' properties: advancedNetworking: - description: |- - AdvancedNetworking: Advanced Networking profile for enabling observability and security feature suite on a cluster. For - more information see aka.ms/aksadvancednetworking. properties: enabled: - description: |- - Enabled: Indicates the enablement of Advanced Networking functionalities of observability and security on AKS clusters. - When this is set to true, all observability and security features will be set to enabled unless explicitly disabled. If - not specified, the default is false. type: boolean observability: - description: 'Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.' properties: enabled: - description: 'Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.' type: boolean type: object security: - description: 'Security: Security profile to enable security features on cilium based cluster.' properties: advancedNetworkPolicies: - description: |- - AdvancedNetworkPolicies: Enable advanced network policies. 
This allows users to configure Layer 7 network policies - (FQDN, HTTP, Kafka). Policies themselves must be configured via the Cilium Network Policy resources, see - https://docs.cilium.io/en/latest/security/policy/index.html. This can be enabled only on cilium-based clusters. If not - specified, the default value is FQDN if security.enabled is set to true. enum: - FQDN - L7 - None type: string enabled: - description: |- - Enabled: This feature allows user to configure network policy based on DNS (FQDN) names. It can be enabled only on - cilium based clusters. If not specified, the default is false. type: boolean type: object type: object dnsServiceIP: - description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ type: string ipFamilies: - description: |- - IpFamilies: The IP families used to specify IP versions available to the cluster. IP families are used to determine - single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values - are IPv4 and IPv6. items: enum: - IPv4 
@@ -39650,106 +26107,68 @@ spec: type: string type: array loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. maximum: 64000 minimum: 0 type: integer backendPoolType: - description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' enum: - NodeIP - NodeIPConfiguration type: string enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. maximum: 120 minimum: 4 type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. maximum: 100 minimum: 1 type: integer countIPv6: - description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. maximum: 100 minimum: 0 type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' properties: publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' 
items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' properties: publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. properties: reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. 
type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -39757,64 +26176,45 @@ spec: type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The load balancer sku for the managed cluster. The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. enum: - basic - standard type: string natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' properties: idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 4 minutes. maximum: 120 minimum: 4 type: integer managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. maximum: 16 minimum: 1 type: integer type: object type: object networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' enum: - azure - cilium type: string networkMode: - description: |- - NetworkMode: The network mode Azure CNI is configured with. This cannot be specified if networkPlugin is anything other - than 'azure'. enum: - bridge - transparent type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' enum: - azure - kubenet - none type: string networkPluginMode: - description: 'NetworkPluginMode: The mode the network plugin should use.' enum: - overlay type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' enum: - azure - calico 
@@ -39822,9 +26222,6 @@ spec: - none type: string outboundType: - description: |- - OutboundType: The outbound (egress) routing method. This can only be set at cluster creation time and cannot be changed - later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). enum: - loadBalancer - managedNATGateway 
@@ -39833,112 +26230,63 @@ spec: - userDefinedRouting type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string podCidrs: - description: |- - PodCidrs: The CIDR notation IP ranges from which to assign pod IPs. One IPv4 CIDR is expected for single-stack - networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. items: type: string type: array serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ type: string serviceCidrs: - description: |- - ServiceCidrs: The CIDR notation IP ranges from which to assign service cluster IPs. One IPv4 CIDR is expected for - single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must - not overlap with any Subnet IP ranges. items: type: string type: array staticEgressGatewayProfile: - description: |- - StaticEgressGatewayProfile: The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, - see https://aka.ms/aks/static-egress-gateway. properties: enabled: - description: 'Enabled: Enable Static Egress Gateway addon. Indicates if Static Egress Gateway addon is enabled or not.' type: boolean type: object type: object nodeProvisioningProfile: - description: 'NodeProvisioningProfile: Node provisioning settings that apply to the whole cluster.' properties: defaultNodePools: - description: |- - DefaultNodePools: The set of default Karpenter NodePools (CRDs) configured for node provisioning. This field has no - effect unless mode is 'Auto'. 
Warning: Changing this from Auto to None on an existing cluster will cause the default - Karpenter NodePools to be deleted, which will drain and delete the nodes associated with those pools. It is strongly - recommended to not do this unless there are idle nodes ready to take the pods evicted by that action. If not specified, - the default is Auto. For more information see aka.ms/aks/nap#node-pools. enum: - Auto - None type: string mode: - description: 'Mode: The node provisioning mode. If not specified, the default is Manual.' enum: - Auto - Manual type: string type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string nodeResourceGroupProfile: - description: 'NodeResourceGroupProfile: Profile of the node resource group configuration.' properties: restrictionLevel: - description: |- - RestrictionLevel: The restriction level applied to the cluster's node resource group. If not specified, the default is - 'Unrestricted' enum: - ReadOnly - Unrestricted type: string type: object oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' properties: enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean type: object operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. 
If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -39946,20 +26294,12 @@ spec: type: object type: array configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' properties: oidcIssuerProfile: - description: |- - OIDCIssuerProfile: indicates where the OIDCIssuerProfile config map should be placed. If omitted, no config map will be - created. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -39967,29 +26307,13 @@ spec: type: object type: object secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -39997,37 +26321,22 @@ spec: type: object type: array secrets: - description: 'Secrets: configures where to place Azure generated secrets.' properties: adminCredentials: - description: |- - AdminCredentials: indicates where the AdminCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key - name type: object userCredentials: - description: |- - UserCredentials: indicates where the UserCredentials secret should be placed. If omitted, the secret will not be - retrieved from Azure. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key 
@@ -40036,108 +26345,66 @@ spec: type: object type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: - description: |- - PodIdentityProfile: The pod identity profile of the Managed Cluster. See [use AAD pod - identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity - integration. properties: allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Whether pod identity is allowed to run on clusters with Kubenet networking. Running in - Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See - [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. properties: bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' 
properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string clientIdFromConfig: - description: 'ClientIdFromConfig: The client ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string objectIdFromConfig: - description: 'ObjectIdFromConfig: The object ID of the user assigned identity.' properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object name: - description: 'Name: The name of the pod identity.' type: string namespace: - description: 'Namespace: The namespace of the pod identity.' type: string required: - identity @@ -40146,24 +26413,15 @@ spec: type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: |- - A pod identity exception, which allows pods with certain labels to access the Azure Instance Metadata Service (IMDS) - endpoint without being intercepted by the node-managed identity (NMI) server. See [disable AAD Pod Identity for a - specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more - details. properties: name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' type: object required: - name 
@@ -40173,241 +26431,149 @@ spec: type: array type: object privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' items: - description: A private link resource properties: groupId: - description: 'GroupId: The group ID of the resource.' type: string name: - description: 'Name: The name of the private link resource.' type: string reference: - description: 'Reference: The ID of the private link resource.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' type: string type: object type: array publicNetworkAccess: - description: 'PublicNetworkAccess: PublicNetworkAccess of the managedCluster. Allow or deny public network access for AKS' enum: - Disabled - Enabled type: string securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. 
properties: enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. When Azure Key Vault key management service is disabled, leave the field empty. type: string keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of the key vault. Network access of key vault. The possible values are `Public` - and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault - disables public access and enables private link. The default value is `Public`. enum: - Private - Public type: string keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object customCATrustCertificates: - description: |- - CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on all nodes in - the cluster. For more information see [Custom CA Trust - Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority). items: type: string maxItems: 10 minItems: 0 type: array defender: - description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' 
properties: enabled: - description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' type: boolean intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' type: integer type: object workloadIdentity: - description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: - description: 'Enabled: Whether to enable workload identity.' type: boolean type: object type: object serviceMeshProfile: - description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' properties: istio: - description: 'Istio: Istio service mesh configuration.' properties: certificateAuthority: - description: |- - CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin - certificates as described here https://aka.ms/asm-plugin-ca properties: plugin: - description: 'Plugin: Plugin certificates information for Service Mesh.' properties: certChainObjectName: - description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' type: string certObjectName: - description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' type: string keyObjectName: - description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' type: string keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object rootCertObjectName: - description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string type: object type: object components: - description: 'Components: Istio components configuration.' properties: egressGateways: - description: 'EgressGateways: Istio egress gateways.' items: - description: Istio egress gateway configuration. properties: enabled: - description: 'Enabled: Whether to enable the egress gateway.' type: boolean required: - enabled type: object type: array ingressGateways: - description: 'IngressGateways: Istio ingress gateways.' items: - description: |- - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: - description: 'Enabled: Whether to enable the ingress gateway.' type: boolean mode: - description: 'Mode: Mode of an ingress gateway.' enum: - External - Internal 
@@ -40419,17 +26585,12 @@ spec: type: array type: object revisions: - description: |- - Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. - When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: - https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string maxItems: 2 type: array type: object mode: - description: 'Mode: Mode of the service mesh.' enum: - Disabled - Istio @@ -40438,23 +26599,14 @@ spec: - mode type: object servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. properties: clientId: - description: 'ClientId: The ID for the service principal.' type: string secret: - description: 'Secret: The secret password associated with the service principal in plain text.' properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -40464,18 +26616,13 @@ spec: - clientId type: object sku: - description: 'Sku: The managed cluster SKU.' properties: name: - description: 'Name: The name of a managed cluster SKU.' enum: - Automatic - Base type: string tier: - description: |- - Tier: The tier of a managed cluster SKU. If not specified, the default is 'Free'. See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. enum: - Free - Premium 
@@ -40483,39 +26630,29 @@ spec: type: string type: object storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' properties: blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' type: boolean type: object fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object supportPlan: - description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' enum: - AKSLongTermSupport - KubernetesOfficial 
@@ -40523,91 +26660,43 @@ spec: tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading a cluster.' properties: overrideSettings: - description: 'OverrideSettings: Settings for overrides.' properties: forceUpgrade: - description: |- - ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade - protections such as checking for deprecated API usage. Enable this option only with caution. type: boolean until: - description: |- - Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the - effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set - by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: adminPassword: - description: |- - AdminPassword: Specifies the password of the administrator account. - Minimum-length: 8 characters - Max-length: 123 characters - Complexity requirements: 3 out of 4 conditions below need to be fulfilled - Has lower characters - Has upper characters - Has a digit - Has a special character (Regex match [\W_]) - Disallowed values: "abc@123", "P@$$$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$$$word", "pass@word1", "Password!", "Password1", - "Password22", "iloveyou!" properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key - name type: object adminUsername: - description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." 
- Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters type: string enableCSIProxy: - description: |- - EnableCSIProxy: Whether to enable CSI proxy. For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: - description: 'Enabled: Whether to enable Windows gMSA. Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. enum: - None - Windows_Server 
@@ -40616,22 +26705,17 @@ spec: - adminUsername type: object workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' properties: keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable KEDA.' type: boolean required: - enabled type: object verticalPodAutoscaler: - description: 'VerticalPodAutoscaler: VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable VPA. Default value is false.' type: boolean required: - enabled 
@@ -40642,937 +26726,495 @@ spec: - owner type: object status: - description: Managed cluster. properties: aadProfile: - description: 'AadProfile: The Azure Active Directory configuration.' properties: adminGroupObjectIDs: - description: 'AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.' items: type: string type: array clientAppID: - description: 'ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string enableAzureRBAC: - description: 'EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.' type: boolean managed: - description: 'Managed: Whether to enable managed AAD.' type: boolean serverAppID: - description: 'ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.' type: string serverAppSecret: - description: 'ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.' type: string tenantID: - description: |- - TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment - subscription. type: string type: object addonProfiles: additionalProperties: - description: A Kubernetes add-on profile for a managed cluster. properties: config: additionalProperties: type: string - description: 'Config: Key-value pairs for configuring an add-on.' type: object enabled: - description: 'Enabled: Whether the add-on is enabled or not.' type: boolean identity: - description: 'Identity: Information of user assigned identity used by this add-on.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' 
type: string type: object type: object - description: 'AddonProfiles: The profile of managed cluster add-on.' type: object agentPoolProfiles: - description: 'AgentPoolProfiles: The agent pool properties.' items: - description: Profile for the container service agent pool. properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: The version of Kubernetes the Agent Pool is running. If orchestratorVersion is a fully - specified version , this field will be exactly equal to it. If orchestratorVersion is , - this field will contain the full version being used. type: string eTag: - description: |- - ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is - updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic - concurrency per the normal etag convention. 
type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: Whether to enable host based OS and data drive encryption. This is only supported on certain VM - sizes and in certain Azure regions. For more information, see: - https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: Whether to use a FIPS-enabled OS. See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Whether each node is allocated its own public IP. Some scenarios may require nodes in a node pool to - receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to - make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP - per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). - The default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gatewayProfile: - description: |- - GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is - not Gateway. properties: publicIPPrefixSize: - description: |- - PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide - public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with - one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. 
Due to Azure - public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 - nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. type: integer type: object gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string gpuProfile: - description: 'GpuProfile: GPU settings for the Agent Pool.' properties: driver: - description: 'Driver: Whether to install GPU drivers. When it''s not specified, default is Install.' type: string type: object hostGroupID: - description: |- - HostGroupID: The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used only - in creation scenario and not allowed to changed once set. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: If CPU CFS quota enforcement is enabled for containers that specify CPU limits. The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The CPU CFS quota period value. The default is '100ms.' 
Valid values are a sequence of decimal - numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', - 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The CPU Manager policy to use. The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: |- - ImageGcHighThreshold: The percent of disk usage after which image garbage collection is always run. To disable image - garbage collection, set to 100. The default is 85% type: integer imageGcLowThreshold: - description: |- - ImageGcLowThreshold: The percent of disk usage before which image garbage collection is never run. This cannot be set - higher than imageGcHighThreshold. The default is 80% type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: The Topology Manager policy to use. For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' 
type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' 
type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Whether the kernel should make aggressive use of memory compaction to make more hugepages - available. Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For - more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Whether transparent hugepages are enabled. Valid values are 'always', 'madvise', and - 'never'. The default is 'always'. 
For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: |- - MessageOfTheDay: Message of the day for Linux nodes, base64-encoded. A base64-encoded string which will be written to - /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified - for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script). type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: The mode of an agent pool. A cluster must have at least one 'System' Agent Pool at all times. For additional - information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: - description: |- - Name: Unique name of the agent pool profile in the context of the subscription and resource group. Windows agent pool - names must be 6 characters or less. type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. 
type: integer protocol: - description: 'Protocol: The network protocol of the port.' type: string type: object type: array applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' items: type: string type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object nodeImageVersion: - description: 'NodeImageVersion: The version of node image' type: string nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: The public IP prefix ID which VM nodes should use IPs from. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: The version of Kubernetes specified by the user. Both patch version (e.g. - 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch - version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x - -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade - all node pools in an AKS cluster to the same Kubernetes version. 
The node pool version must have the same major version - as the control plane. The node pool minor version must be within two minor versions of the control plane version. The - node pool version cannot be greater than the control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: |- - OsDiskType: The OS disk type to be used for machines in the agent pool. The default is 'Ephemeral' if the VM supports it - and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after - creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: - description: 'OsType: The operating system type. The default is Linux.' type: string podIPAllocationMode: - description: |- - PodIPAllocationMode: Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with - podSubnetId. The default is 'DynamicIndividual'. type: string podSubnetID: - description: |- - PodSubnetID: The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned on the - node subnet (see vnetSubnetID for more details). This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: |- - PowerState: Whether the Agent Pool is running or stopped. When an Agent Pool is first created it is initially Running. 
- The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not - accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' type: string proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleDownMode: - description: |- - ScaleDownMode: The scale down mode to use when scaling the Agent Pool. This also effects the cluster autoscaler - behavior. If not specified, it defaults to Delete. type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: The Virtual Machine Scale Set eviction policy to use. This cannot be specified unless the - scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'. type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' 
type: string type: object spotMaxPrice: - description: |- - SpotMaxPrice: The max price (in US Dollars) you are willing to pay for spot instances. Possible values are any decimal - value greater than zero or -1 which indicates default price to be up-to on-demand. Possible values are any decimal value - greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, - see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number status: - description: 'Status: Contains read-only information about the Agent Pool.' properties: provisioningError: - description: |- - ProvisioningError: The error detail information of the agent pool. Preserves the detailed info of failure. If there was - no error, this field is omitted. properties: additionalInfo: - description: 'AdditionalInfo: The error additional info.' items: - description: The resource management error additional info. properties: info: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' type: object type: - description: 'Type: The additional info type.' type: string type: object type: array code: - description: 'Code: The error code.' type: string details: - description: 'Details: The error details.' items: properties: additionalInfo: - description: 'AdditionalInfo: The error additional info.' items: - description: The resource management error additional info. properties: info: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' type: object type: - description: 'Type: The additional info type.' type: string type: object type: array code: - description: 'Code: The error code.' type: string message: - description: 'Message: The error message.' type: string target: - description: 'Target: The error target.' type: string type: object type: array message: - description: 'Message: The error message.' 
type: string target: - description: 'Target: The error target.' type: string type: object type: object tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The drain timeout for a node. The amount of time (in minutes) to wait on eviction of pods and - graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is - exceeded, the upgrade fails. If not specified, the default is 30 minutes. type: integer maxSurge: - description: |- - MaxSurge: The maximum number or percentage of nodes that are surged during upgrade. This can either be set to an integer - (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size - at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 10%. For - more information, including best practices, see: https://learn.microsoft.com/en-us/azure/aks/upgrade-cluster type: string maxUnavailable: - description: |- - MaxUnavailable: The maximum number or percentage of nodes that can be simultaneously unavailable during upgrade. This - can either be set to an integer (e.g. '1') or a percentage (e.g. '5%'). If a percentage is specified, it is the - percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If - not specified, the default is 0. For more information, including best practices, see: - https://learn.microsoft.com/en-us/azure/aks/upgrade-cluster type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The soak duration for a node. 
The amount of time (in minutes) to wait after draining a node - and before reimaging it and moving on to next node. If not specified, the default is 0 minutes. type: integer undrainableNodeBehavior: - description: |- - UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable - nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the - remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. type: string type: object virtualMachineNodesStatus: items: - description: Current status on a group of nodes of the same vm size. properties: count: - description: 'Count: Number of nodes.' type: integer size: - description: 'Size: The VM size of the agents used to host this group of nodes.' type: string type: object type: array virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' properties: scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' properties: manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' items: - description: Specifications on number of machines. properties: count: - description: 'Count: Number of nodes.' type: integer size: - description: |- - Size: VM size that AKS will use when creating and scaling e.g. 'Standard_E4s_v3', 'Standard_E16s_v3' or - 'Standard_D16s_v5'. type: string type: object type: array type: object type: object vmSize: - description: |- - VmSize: The size of the agent pool VMs. VM size availability varies by region. If a node contains insufficient compute - resources (memory, cpu, etc) pods might fail to run correctly. 
For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: |- - VnetSubnetID: The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is not - specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, - otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: |- - DisableOutboundNat: Whether to disable OutboundNAT in windows nodes. The default value is false. Outbound NAT can only - be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: array aiToolchainOperatorProfile: - description: 'AiToolchainOperatorProfile: AI toolchain operator settings that apply to the whole cluster.' properties: enabled: - description: 'Enabled: Whether to enable AI toolchain operator to the cluster. Indicates if AI toolchain operator enabled or not.' type: boolean type: object apiServerAccessProfile: - description: 'ApiServerAccessProfile: The access profile for managed cluster API server.' properties: authorizedIPRanges: - description: |- - AuthorizedIPRanges: The IP ranges authorized to access the Kubernetes API server. IP ranges are specified in CIDR - format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters - that are using a Basic Load Balancer. 
For more information see [API server authorized IP - ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges). items: type: string type: array disableRunCommand: - description: 'DisableRunCommand: Whether to disable run command for the cluster or not.' type: boolean enablePrivateCluster: - description: |- - EnablePrivateCluster: Whether to create the cluster as a private cluster or not. For more details, see [Creating a - private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters). type: boolean enablePrivateClusterPublicFQDN: - description: 'EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.' type: boolean enableVnetIntegration: - description: |- - EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not. See - aka.ms/AksVnetIntegration for more details. type: boolean privateDNSZone: - description: |- - PrivateDNSZone: The private DNS zone mode for the cluster. The default is System. For more details see [configure - private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are - 'system' and 'none'. type: string subnetId: - description: |- - SubnetId: The subnet to be used when apiserver vnet integration is enabled. It is required when creating a new cluster - with BYO Vnet, or when updating an existing cluster to enable apiserver vnet integration. type: string type: object autoScalerProfile: - description: 'AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled' properties: balance-similar-node-groups: - description: |- - BalanceSimilarNodeGroups: Detects similar node pools and balances the number of nodes between them. Valid values are - 'true' and 'false' type: string daemonset-eviction-for-empty-nodes: - description: |- - DaemonsetEvictionForEmptyNodes: DaemonSet pods will be gracefully terminated from empty nodes. 
If set to true, all - daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted - another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods - are deleted or evicted. type: boolean daemonset-eviction-for-occupied-nodes: - description: |- - DaemonsetEvictionForOccupiedNodes: DaemonSet pods will be gracefully terminated from non-empty nodes. If set to true, - all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted - another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods - are deleted or evicted. type: boolean expander: - description: |- - Expander: The expander to use when scaling up. If not specified, the default is 'random'. See - [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more - information. type: string ignore-daemonsets-utilization: - description: |- - IgnoreDaemonsetsUtilization: Should CA ignore DaemonSet pods when calculating resource utilization for scaling down. If - set to true, the resources used by daemonset will be taken into account when making scaling down decisions. type: boolean max-empty-bulk-delete: - description: |- - MaxEmptyBulkDelete: The maximum number of empty nodes that can be deleted at the same time. This must be a positive - integer. The default is 10. type: string max-graceful-termination-sec: - description: |- - MaxGracefulTerminationSec: The maximum number of seconds the cluster autoscaler waits for pod termination when trying to - scale down a node. The default is 600. type: string max-node-provision-time: - description: |- - MaxNodeProvisionTime: The maximum time the autoscaler waits for a node to be provisioned. The default is '15m'. Values - must be an integer followed by an 'm'. 
No unit of time other than minutes (m) is supported. type: string max-total-unready-percentage: - description: |- - MaxTotalUnreadyPercentage: The maximum percentage of unready nodes in the cluster. After this percentage is exceeded, - cluster autoscaler halts operations. The default is 45. The maximum is 100 and the minimum is 0. type: string new-pod-scale-up-delay: - description: |- - NewPodScaleUpDelay: Ignore unscheduled pods before they're a certain age. For scenarios like burst/batch scale where you - don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled - pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, - 'm' for minutes, 'h' for hours, etc). type: string ok-total-unready-count: - description: |- - OkTotalUnreadyCount: The number of allowed unready nodes, irrespective of max-total-unready-percentage. This must be an - integer. The default is 3. type: string scale-down-delay-after-add: - description: |- - ScaleDownDelayAfterAdd: How long after scale up that scale down evaluation resumes. The default is '10m'. Values must be - an integer followed by an 'm'. No unit of time other than minutes (m) is supported. type: string scale-down-delay-after-delete: - description: |- - ScaleDownDelayAfterDelete: How long after node deletion that scale down evaluation resumes. The default is the - scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. type: string scale-down-delay-after-failure: - description: |- - ScaleDownDelayAfterFailure: How long after scale down failure that scale down evaluation resumes. The default is '3m'. - Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. type: string scale-down-unneeded-time: - description: |- - ScaleDownUnneededTime: How long a node should be unneeded before it is eligible for scale down. 
The default is '10m'. - Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. type: string scale-down-unready-time: - description: |- - ScaleDownUnreadyTime: How long an unready node should be unneeded before it is eligible for scale down. The default is - '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. type: string scale-down-utilization-threshold: - description: |- - ScaleDownUtilizationThreshold: Node utilization level, defined as sum of requested resources divided by capacity, below - which a node can be considered for scale down. The default is '0.5'. type: string scan-interval: - description: |- - ScanInterval: How often cluster is reevaluated for scale up or down. The default is '10'. Values must be an integer - number of seconds. type: string skip-nodes-with-local-storage: - description: |- - SkipNodesWithLocalStorage: If cluster autoscaler will skip deleting nodes with pods with local storage, for example, - EmptyDir or HostPath. The default is true. type: string skip-nodes-with-system-pods: - description: |- - SkipNodesWithSystemPods: If cluster autoscaler will skip deleting nodes with pods from kube-system (except for DaemonSet - or mirror pods). The default is true. type: string type: object autoUpgradeProfile: - description: 'AutoUpgradeProfile: The auto upgrade configuration.' properties: nodeOSUpgradeChannel: - description: 'NodeOSUpgradeChannel: Node OS Upgrade Channel. Manner in which the OS on your nodes is updated. The default is NodeImage.' type: string upgradeChannel: - description: |- - UpgradeChannel: The upgrade channel for auto upgrade. The default is 'none'. For more information see [setting the AKS - cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel). 
type: string type: object azureMonitorProfile: - description: 'AzureMonitorProfile: Azure Monitor addon profiles for monitoring the managed cluster.' properties: metrics: - description: |- - Metrics: Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: enabled: - description: |- - Enabled: Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See - aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling. type: boolean kubeStateMetrics: - description: |- - KubeStateMetrics: Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: metricAnnotationsAllowList: - description: |- - MetricAnnotationsAllowList: Comma-separated list of Kubernetes annotation keys that will be used in the resource's - labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric - contains only resource name and namespace labels. type: string metricLabelsAllowlist: - description: |- - MetricLabelsAllowlist: Comma-separated list of additional Kubernetes label keys that will be used in the resource's - labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only - resource name and namespace labels. type: string type: object type: object type: object azurePortalFQDN: - description: |- - AzurePortalFQDN: The special FQDN used by the Azure Portal to access the Managed Cluster. This FQDN is for use only by - the Azure Portal and should not be used by other clients. 
The Azure Portal requires certain Cross-Origin Resource - Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn't handle by default. This special - FQDN supports CORS, allowing the Azure Portal to function properly. type: string bootstrapProfile: - description: 'BootstrapProfile: Profile of the cluster bootstrap configuration.' properties: artifactSource: - description: 'ArtifactSource: The artifact source. The source where the artifacts are downloaded from.' type: string containerRegistryId: - description: |- - ContainerRegistryId: The resource Id of Azure Container Registry. The registry must have private network access, premium - SKU and zone redundancy. type: string type: object conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. 
- For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -41582,1028 +27224,612 @@ spec: type: object type: array currentKubernetesVersion: - description: |- - CurrentKubernetesVersion: The version of Kubernetes the Managed Cluster is running. If kubernetesVersion was a fully - specified version , this field will be exactly equal to it. If kubernetesVersion was , - this field will contain the full version being used. type: string disableLocalAccounts: - description: |- - DisableLocalAccounts: If local accounts should be disabled on the Managed Cluster. If set to true, getting static - credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more - details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). type: boolean diskEncryptionSetID: - description: |- - DiskEncryptionSetID: The Resource ID of the disk encryption set to use for enabling encryption at rest. This is of the - form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' type: string dnsPrefix: - description: 'DnsPrefix: The DNS prefix of the Managed Cluster. This cannot be updated once the Managed Cluster has been created.' type: string eTag: - description: |- - ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is - updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic - concurrency per the normal etag convention. type: string enableRBAC: - description: 'EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the Virtual Machine.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' 
type: string type: object fqdn: - description: 'Fqdn: The FQDN of the master pool.' type: string fqdnSubdomain: - description: |- - FqdnSubdomain: The FQDN subdomain of the private cluster with custom private dns zone. This cannot be updated once the - Managed Cluster has been created. type: string httpProxyConfig: - description: 'HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.' properties: httpProxy: - description: 'HttpProxy: The HTTP proxy server endpoint to use.' type: string httpsProxy: - description: 'HttpsProxy: The HTTPS proxy server endpoint to use.' type: string noProxy: - description: 'NoProxy: The endpoints that should not go through proxy.' items: type: string type: array trustedCa: - description: 'TrustedCa: Alternative CA cert to use for connecting to proxy servers.' type: string type: object id: - description: |- - Id: Fully qualified resource ID for the resource. E.g. - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" type: string identity: - description: 'Identity: The identity of the managed cluster, if configured.' properties: delegatedResources: additionalProperties: - description: Delegated resource properties - internal use only. properties: location: - description: 'Location: The source resource location - internal use only.' type: string referralResource: - description: 'ReferralResource: The delegation id of the referral delegation (optional) - internal use only.' type: string resourceId: - description: 'ResourceId: The ARM resource id of the delegated resource - internal use only.' type: string tenantId: - description: 'TenantId: The tenant id of the delegated resource - internal use only.' type: string type: object - description: |- - DelegatedResources: The delegated identity resources assigned to this managed cluster. 
This can only be set by another - Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only. type: object principalId: - description: 'PrincipalId: The principal id of the system assigned identity which is used by master components.' type: string tenantId: - description: 'TenantId: The tenant id of the system assigned identity which is used by master components.' type: string type: - description: |- - Type: The type of identity used for the managed cluster. For more information see [use managed identities in - AKS](https://docs.microsoft.com/azure/aks/use-managed-identity). type: string userAssignedIdentities: additionalProperties: properties: clientId: - description: 'ClientId: The client id of user assigned identity.' type: string principalId: - description: 'PrincipalId: The principal id of user assigned identity.' type: string type: object - description: |- - UserAssignedIdentities: The user identity associated with the managed cluster. This identity will be used in control - plane. Only one user assigned identity is allowed. The keys must be ARM resource IDs in the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. type: object type: object identityProfile: additionalProperties: - description: Details about a user assigned identity. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' type: string type: object - description: |- - IdentityProfile: The user identity associated with the managed cluster. This identity will be used by the kubelet. Only - one user assigned identity is allowed. 
The only accepted key is "kubeletidentity", with value of "resourceId": - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}". type: object ingressProfile: - description: 'IngressProfile: Ingress profile for the managed cluster.' properties: webAppRouting: - description: |- - WebAppRouting: App Routing settings for the ingress profile. You can find an overview and onboarding guide for this - feature at https://learn.microsoft.com/en-us/azure/aks/app-routing?tabs=default%2Cdeploy-app-default. properties: dnsZoneResourceIds: - description: |- - DnsZoneResourceIds: Resource IDs of the DNS zones to be associated with the Application Routing add-on. Used only when - Application Routing add-on is enabled. Public and private DNS zones can be in different resource groups, but all public - DNS zones must be in the same resource group and all private DNS zones must be in the same resource group. items: type: string type: array enabled: - description: 'Enabled: Whether to enable the Application Routing add-on.' type: boolean identity: - description: |- - Identity: Managed identity of the Application Routing add-on. This is the identity that should be granted permissions, - for example, to manage the associated Azure DNS resource and get certificates from Azure Key Vault. See [this overview - of the add-on](https://learn.microsoft.com/en-us/azure/aks/web-app-routing?tabs=with-osm) for more instructions. properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' type: string type: object nginx: - description: |- - Nginx: Configuration for the default NginxIngressController. 
See more at - https://learn.microsoft.com/en-us/azure/aks/app-routing-nginx-configuration#the-default-nginx-ingress-controller. properties: defaultIngressControllerType: - description: 'DefaultIngressControllerType: Ingress type for the default NginxIngressController custom resource' type: string type: object type: object type: object kind: - description: 'Kind: This is primarily used to expose different UI experiences in the portal for different kinds' type: string kubernetesVersion: - description: |- - KubernetesVersion: The version of Kubernetes specified by the user. Both patch version (e.g. - 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch - version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x - -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS - cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version - number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not - allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. type: string linuxProfile: - description: 'LinuxProfile: The profile for Linux VMs in the Managed Cluster.' properties: adminUsername: - description: 'AdminUsername: The administrator username to use for Linux VMs.' type: string ssh: - description: 'Ssh: The SSH configuration for Linux-based VMs running on Azure.' properties: publicKeys: - description: 'PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.' items: - description: Contains information about SSH certificate public key data. properties: keyData: - description: |- - KeyData: Certificate public key used to authenticate with VMs through SSH. 
The certificate must be in PEM format with or - without headers. type: string type: object type: array type: object type: object location: - description: 'Location: The geo-location where the resource lives' type: string maxAgentPools: - description: 'MaxAgentPools: The max number of agent pools for the managed cluster.' type: integer metricsProfile: - description: 'MetricsProfile: Optional cluster metrics configuration.' properties: costAnalysis: - description: 'CostAnalysis: The configuration for detailed per-Kubernetes resource cost analysis.' properties: enabled: - description: |- - Enabled: Whether to enable cost analysis. The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable - this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure - portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis. type: boolean type: object type: object name: - description: 'Name: The name of the resource' type: string networkProfile: - description: 'NetworkProfile: The network configuration profile.' properties: advancedNetworking: - description: |- - AdvancedNetworking: Advanced Networking profile for enabling observability and security feature suite on a cluster. For - more information see aka.ms/aksadvancednetworking. properties: enabled: - description: |- - Enabled: Indicates the enablement of Advanced Networking functionalities of observability and security on AKS clusters. - When this is set to true, all observability and security features will be set to enabled unless explicitly disabled. If - not specified, the default is false. type: boolean observability: - description: 'Observability: Observability profile to enable advanced network metrics and flow logs with historical contexts.' properties: enabled: - description: 'Enabled: Indicates the enablement of Advanced Networking observability functionalities on clusters.' 
type: boolean type: object security: - description: 'Security: Security profile to enable security features on cilium based cluster.' properties: advancedNetworkPolicies: - description: |- - AdvancedNetworkPolicies: Enable advanced network policies. This allows users to configure Layer 7 network policies - (FQDN, HTTP, Kafka). Policies themselves must be configured via the Cilium Network Policy resources, see - https://docs.cilium.io/en/latest/security/policy/index.html. This can be enabled only on cilium-based clusters. If not - specified, the default value is FQDN if security.enabled is set to true. type: string enabled: - description: |- - Enabled: This feature allows user to configure network policy based on DNS (FQDN) names. It can be enabled only on - cilium based clusters. If not specified, the default is false. type: boolean type: object type: object dnsServiceIP: - description: |- - DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address - range specified in serviceCidr. type: string ipFamilies: - description: |- - IpFamilies: The IP families used to specify IP versions available to the cluster. IP families are used to determine - single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values - are IPv4 and IPv6. items: type: string type: array loadBalancerProfile: - description: 'LoadBalancerProfile: Profile of the cluster load balancer.' properties: allocatedOutboundPorts: - description: |- - AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 - (inclusive). The default value is 0 which results in Azure dynamically allocating ports. type: integer backendPoolType: - description: 'BackendPoolType: The type of the managed inbound Load Balancer BackendPool.' 
type: string effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array enableMultipleStandardLoadBalancers: - description: 'EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.' type: boolean idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 30 minutes. type: integer managedOutboundIPs: - description: 'ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.' properties: count: - description: |- - Count: The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values - must be in the range of 1 to 100 (inclusive). The default value is 1. type: integer countIPv6: - description: |- - CountIPv6: The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed - values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. type: integer type: object outboundIPPrefixes: - description: 'OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.' properties: publicIPPrefixes: - description: 'PublicIPPrefixes: A list of public IP prefix resources.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array type: object outboundIPs: - description: 'OutboundIPs: Desired outbound IP resources for the cluster load balancer.' properties: publicIPs: - description: 'PublicIPs: A list of public IP resources.' items: - description: A reference to an Azure resource. 
properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array type: object type: object loadBalancerSku: - description: |- - LoadBalancerSku: The load balancer sku for the managed cluster. The default is 'standard'. See [Azure Load Balancer - SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load - balancer SKUs. type: string natGatewayProfile: - description: 'NatGatewayProfile: Profile of the cluster NAT gateway.' properties: effectiveOutboundIPs: - description: 'EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.' items: - description: A reference to an Azure resource. properties: id: - description: 'Id: The fully qualified Azure resource id.' type: string type: object type: array idleTimeoutInMinutes: - description: |- - IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 - (inclusive). The default value is 4 minutes. type: integer managedOutboundIPProfile: - description: 'ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.' properties: count: - description: |- - Count: The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 - (inclusive). The default value is 1. type: integer type: object type: object networkDataplane: - description: 'NetworkDataplane: Network dataplane used in the Kubernetes cluster.' type: string networkMode: - description: |- - NetworkMode: The network mode Azure CNI is configured with. This cannot be specified if networkPlugin is anything other - than 'azure'. type: string networkPlugin: - description: 'NetworkPlugin: Network plugin used for building the Kubernetes network.' type: string networkPluginMode: - description: 'NetworkPluginMode: The mode the network plugin should use.' 
type: string networkPolicy: - description: 'NetworkPolicy: Network policy used for building the Kubernetes network.' type: string outboundType: - description: |- - OutboundType: The outbound (egress) routing method. This can only be set at cluster creation time and cannot be changed - later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype). type: string podCidr: - description: 'PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.' type: string podCidrs: - description: |- - PodCidrs: The CIDR notation IP ranges from which to assign pod IPs. One IPv4 CIDR is expected for single-stack - networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. items: type: string type: array serviceCidr: - description: |- - ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP - ranges. type: string serviceCidrs: - description: |- - ServiceCidrs: The CIDR notation IP ranges from which to assign service cluster IPs. One IPv4 CIDR is expected for - single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must - not overlap with any Subnet IP ranges. items: type: string type: array staticEgressGatewayProfile: - description: |- - StaticEgressGatewayProfile: The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, - see https://aka.ms/aks/static-egress-gateway. properties: enabled: - description: 'Enabled: Enable Static Egress Gateway addon. Indicates if Static Egress Gateway addon is enabled or not.' type: boolean type: object type: object nodeProvisioningProfile: - description: 'NodeProvisioningProfile: Node provisioning settings that apply to the whole cluster.' 
properties: defaultNodePools: - description: |- - DefaultNodePools: The set of default Karpenter NodePools (CRDs) configured for node provisioning. This field has no - effect unless mode is 'Auto'. Warning: Changing this from Auto to None on an existing cluster will cause the default - Karpenter NodePools to be deleted, which will drain and delete the nodes associated with those pools. It is strongly - recommended to not do this unless there are idle nodes ready to take the pods evicted by that action. If not specified, - the default is Auto. For more information see aka.ms/aks/nap#node-pools. type: string mode: - description: 'Mode: The node provisioning mode. If not specified, the default is Manual.' type: string type: object nodeResourceGroup: - description: 'NodeResourceGroup: The name of the resource group containing agent pool nodes.' type: string nodeResourceGroupProfile: - description: 'NodeResourceGroupProfile: Profile of the node resource group configuration.' properties: restrictionLevel: - description: |- - RestrictionLevel: The restriction level applied to the cluster's node resource group. If not specified, the default is - 'Unrestricted' type: string type: object oidcIssuerProfile: - description: 'OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.' properties: enabled: - description: 'Enabled: Whether the OIDC issuer is enabled.' type: boolean issuerURL: - description: 'IssuerURL: The OIDC issuer url of the Managed Cluster.' type: string type: object podIdentityProfile: - description: |- - PodIdentityProfile: The pod identity profile of the Managed Cluster. See [use AAD pod - identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity - integration. properties: allowNetworkPluginKubenet: - description: |- - AllowNetworkPluginKubenet: Whether pod identity is allowed to run on clusters with Kubenet networking. 
Running in - Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See - [using Kubenet network plugin with AAD Pod - Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) - for more information. type: boolean enabled: - description: 'Enabled: Whether the pod identity addon is enabled.' type: boolean userAssignedIdentities: - description: 'UserAssignedIdentities: The pod identities to use in the cluster.' items: - description: Details about the pod identity assigned to the Managed Cluster. properties: bindingSelector: - description: 'BindingSelector: The binding selector to use for the AzureIdentityBinding resource.' type: string identity: - description: 'Identity: The user assigned identity details.' properties: clientId: - description: 'ClientId: The client ID of the user assigned identity.' type: string objectId: - description: 'ObjectId: The object ID of the user assigned identity.' type: string resourceId: - description: 'ResourceId: The resource ID of the user assigned identity.' type: string type: object name: - description: 'Name: The name of the pod identity.' type: string namespace: - description: 'Namespace: The namespace of the pod identity.' type: string provisioningInfo: properties: error: - description: 'Error: Pod identity assignment error (if any).' properties: error: - description: 'Error: Details about the error.' properties: code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' type: string details: - description: 'Details: A list of additional details about the error.' items: properties: code: - description: 'Code: An identifier for the error. Codes are invariant and are intended to be consumed programmatically.' 
type: string message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' type: string target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' type: string type: object type: array message: - description: 'Message: A message describing the error, intended to be suitable for display in a user interface.' type: string target: - description: 'Target: The target of the particular error. For example, the name of the property in error.' type: string type: object type: object type: object provisioningState: - description: 'ProvisioningState: The current provisioning state of the pod identity.' type: string type: object type: array userAssignedIdentityExceptions: - description: 'UserAssignedIdentityExceptions: The pod identity exceptions to allow.' items: - description: |- - A pod identity exception, which allows pods with certain labels to access the Azure Instance Metadata Service (IMDS) - endpoint without being intercepted by the node-managed identity (NMI) server. See [disable AAD Pod Identity for a - specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more - details. properties: name: - description: 'Name: The name of the pod identity exception.' type: string namespace: - description: 'Namespace: The namespace of the pod identity exception.' type: string podLabels: additionalProperties: type: string - description: 'PodLabels: The pod labels to match.' type: object type: object type: array type: object powerState: - description: 'PowerState: The Power State of the cluster.' properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object privateFQDN: - description: 'PrivateFQDN: The FQDN of private cluster.' type: string privateLinkResources: - description: 'PrivateLinkResources: Private link resources associated with the cluster.' 
items: - description: A private link resource properties: groupId: - description: 'GroupId: The group ID of the resource.' type: string id: - description: 'Id: The ID of the private link resource.' type: string name: - description: 'Name: The name of the private link resource.' type: string privateLinkServiceID: - description: 'PrivateLinkServiceID: The private link service ID of the resource, this field is exposed only to NRP internally.' type: string requiredMembers: - description: 'RequiredMembers: The RequiredMembers of the resource' items: type: string type: array type: - description: 'Type: The resource type.' type: string type: object type: array provisioningState: - description: 'ProvisioningState: The current provisioning state.' type: string publicNetworkAccess: - description: 'PublicNetworkAccess: PublicNetworkAccess of the managedCluster. Allow or deny public network access for AKS' type: string resourceUID: - description: |- - ResourceUID: The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create - sequence) type: string securityProfile: - description: 'SecurityProfile: Security profile for the managed cluster.' properties: azureKeyVaultKms: - description: |- - AzureKeyVaultKms: Azure Key Vault [key management - service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile. properties: enabled: - description: 'Enabled: Whether to enable Azure Key Vault key management service. The default is false.' type: boolean keyId: - description: |- - KeyId: Identifier of Azure Key Vault key. See [key identifier - format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) - for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key - identifier. When Azure Key Vault key management service is disabled, leave the field empty. 
type: string keyVaultNetworkAccess: - description: |- - KeyVaultNetworkAccess: Network access of the key vault. Network access of key vault. The possible values are `Public` - and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault - disables public access and enables private link. The default value is `Public`. type: string keyVaultResourceId: - description: |- - KeyVaultResourceId: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must - be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. type: string type: object customCATrustCertificates: - description: |- - CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on all nodes in - the cluster. For more information see [Custom CA Trust - Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority). items: type: string type: array defender: - description: 'Defender: Microsoft Defender settings for the security profile.' properties: logAnalyticsWorkspaceResourceId: - description: |- - LogAnalyticsWorkspaceResourceId: Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. - When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft - Defender is disabled, leave the field empty. type: string securityMonitoring: - description: 'SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Defender threat detection' type: boolean type: object type: object imageCleaner: - description: 'ImageCleaner: Image Cleaner settings for the security profile.' properties: enabled: - description: 'Enabled: Whether to enable Image Cleaner on AKS cluster.' 
type: boolean intervalHours: - description: 'IntervalHours: Image Cleaner scanning interval in hours.' type: integer type: object workloadIdentity: - description: |- - WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications - to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details. properties: enabled: - description: 'Enabled: Whether to enable workload identity.' type: boolean type: object type: object serviceMeshProfile: - description: 'ServiceMeshProfile: Service mesh profile for a managed cluster.' properties: istio: - description: 'Istio: Istio service mesh configuration.' properties: certificateAuthority: - description: |- - CertificateAuthority: Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin - certificates as described here https://aka.ms/asm-plugin-ca properties: plugin: - description: 'Plugin: Plugin certificates information for Service Mesh.' properties: certChainObjectName: - description: 'CertChainObjectName: Certificate chain object name in Azure Key Vault.' type: string certObjectName: - description: 'CertObjectName: Intermediate certificate object name in Azure Key Vault.' type: string keyObjectName: - description: 'KeyObjectName: Intermediate certificate private key object name in Azure Key Vault.' type: string keyVaultId: - description: 'KeyVaultId: The resource ID of the Key Vault.' type: string rootCertObjectName: - description: 'RootCertObjectName: Root certificate object name in Azure Key Vault.' type: string type: object type: object components: - description: 'Components: Istio components configuration.' properties: egressGateways: - description: 'EgressGateways: Istio egress gateways.' items: - description: Istio egress gateway configuration. properties: enabled: - description: 'Enabled: Whether to enable the egress gateway.' 
type: boolean type: object type: array ingressGateways: - description: 'IngressGateways: Istio ingress gateways.' items: - description: |- - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: enabled: - description: 'Enabled: Whether to enable the ingress gateway.' type: boolean mode: - description: 'Mode: Mode of an ingress gateway.' type: string type: object type: array type: object revisions: - description: |- - Revisions: The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. - When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: - https://learn.microsoft.com/en-us/azure/aks/istio-upgrade items: type: string type: array type: object mode: - description: 'Mode: Mode of the service mesh.' type: string type: object servicePrincipalProfile: - description: |- - ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure - APIs. properties: clientId: - description: 'ClientId: The ID for the service principal.' type: string type: object sku: - description: 'Sku: The managed cluster SKU.' properties: name: - description: 'Name: The name of a managed cluster SKU.' type: string tier: - description: |- - Tier: The tier of a managed cluster SKU. If not specified, the default is 'Free'. See [AKS Pricing - Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details. type: string type: object status: - description: 'Status: Contains read-only information about the Managed Cluster.' properties: provisioningError: - description: |- - ProvisioningError: The error details information of the managed cluster. Preserves the detailed info of failure. If - there was no error, this field is omitted. 
properties: additionalInfo: - description: 'AdditionalInfo: The error additional info.' items: - description: The resource management error additional info. properties: info: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' type: object type: - description: 'Type: The additional info type.' type: string type: object type: array code: - description: 'Code: The error code.' type: string details: - description: 'Details: The error details.' items: properties: additionalInfo: - description: 'AdditionalInfo: The error additional info.' items: - description: The resource management error additional info. properties: info: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' type: object type: - description: 'Type: The additional info type.' type: string type: object type: array code: - description: 'Code: The error code.' type: string message: - description: 'Message: The error message.' type: string target: - description: 'Target: The error target.' type: string type: object type: array message: - description: 'Message: The error message.' type: string target: - description: 'Target: The error target.' type: string type: object type: object storageProfile: - description: 'StorageProfile: Storage profile for the managed cluster.' properties: blobCSIDriver: - description: 'BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.' type: boolean type: object diskCSIDriver: - description: 'DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.' type: boolean type: object fileCSIDriver: - description: 'FileCSIDriver: AzureFile CSI Driver settings for the storage profile.' 
properties: enabled: - description: 'Enabled: Whether to enable AzureFile CSI Driver. The default value is true.' type: boolean type: object snapshotController: - description: 'SnapshotController: Snapshot Controller settings for the storage profile.' properties: enabled: - description: 'Enabled: Whether to enable Snapshot Controller. The default value is true.' type: boolean type: object type: object supportPlan: - description: 'SupportPlan: The support plan for the Managed Cluster. If unspecified, the default is ''KubernetesOfficial''.' type: string systemData: - description: 'SystemData: Azure Resource Manager metadata containing createdBy and modifiedBy information.' properties: createdAt: - description: 'CreatedAt: The timestamp of resource creation (UTC).' type: string createdBy: - description: 'CreatedBy: The identity that created the resource.' type: string createdByType: - description: 'CreatedByType: The type of identity that created the resource.' type: string lastModifiedAt: - description: 'LastModifiedAt: The timestamp of resource last modification (UTC)' type: string lastModifiedBy: - description: 'LastModifiedBy: The identity that last modified the resource.' type: string lastModifiedByType: - description: 'LastModifiedByType: The type of identity that last modified the resource.' type: string type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object type: - description: 'Type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading a cluster.' properties: overrideSettings: - description: 'OverrideSettings: Settings for overrides.' properties: forceUpgrade: - description: |- - ForceUpgrade: Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade - protections such as checking for deprecated API usage. 
Enable this option only with caution. type: boolean until: - description: |- - Until: Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the - effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set - by default. It must be set for the overrides to take effect. type: string type: object type: object windowsProfile: - description: 'WindowsProfile: The profile for Windows VMs in the Managed Cluster.' properties: adminUsername: - description: |- - AdminUsername: Specifies the name of the administrator account. - Restriction: Cannot end in "." - Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", - "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", - "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". - Minimum-length: 1 character - Max-length: 20 characters type: string enableCSIProxy: - description: |- - EnableCSIProxy: Whether to enable CSI proxy. For more details on CSI proxy, see the [CSI proxy GitHub - repo](https://github.com/kubernetes-csi/csi-proxy). type: boolean gmsaProfile: - description: 'GmsaProfile: The Windows gMSA Profile in the Managed Cluster.' properties: dnsServer: - description: |- - DnsServer: Specifies the DNS server for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. type: string enabled: - description: 'Enabled: Whether to enable Windows gMSA. Specifies whether to enable Windows gMSA in the managed cluster.' type: boolean rootDomainName: - description: |- - RootDomainName: Specifies the root domain name for Windows gMSA. - Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster. 
type: string type: object licenseType: - description: |- - LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User - Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details. type: string type: object workloadAutoScalerProfile: - description: 'WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.' properties: keda: - description: 'Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable KEDA.' type: boolean type: object verticalPodAutoscaler: - description: 'VerticalPodAutoscaler: VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.' properties: enabled: - description: 'Enabled: Whether to enable VPA. Default value is false.' type: boolean type: object type: object 
@@ -42629,51 +27855,24 @@ spec: name: v1api20250801storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20250801.ManagedCluster - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20250801.ManagedCluster_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: |- - Storage version of v1api20250801.ManagedClusterAADProfile - AADProfile specifies attributes for Azure Active Directory integration. For more details see [managed AAD on - AKS](https://docs.microsoft.com/azure/aks/managed-aad). 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -42694,16 +27893,10 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20250801.ManagedClusterAddonProfile - A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: 
@@ -42715,73 +27908,45 @@ spec: type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20250801.ManagedClusterAgentPoolProfile - Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: type: string type: array capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: type: integer creationData: - description: |- - Storage version of v1api20250801.CreationData - Data used when creating a target resource from a source resource. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object @@ -42796,16 +27961,10 @@ spec: enableUltraSSD: type: boolean gatewayProfile: - description: |- - Storage version of v1api20250801.AgentPoolGatewayProfile - Profile of the managed cluster gateway agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixSize: type: integer 
@@ -42813,56 +27972,31 @@ spec: gpuInstanceProfile: type: string gpuProfile: - description: |- - Storage version of v1api20250801.GPUProfile - GPU settings for the Agent Pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object driver: type: string type: object hostGroupReference: - description: |- - HostGroupReference: The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used - only in creation scenario and not allowed to changed once set. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: |- - Storage version of v1api20250801.KubeletConfig - Kubelet configurations of agent nodes. 
See [AKS custom node - configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -42892,31 +28026,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20250801.LinuxOSConfig - OS configurations of Linux agent nodes. See [AKS custom node - configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20250801.SysctlConfig - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer 
@@ -42993,29 +28114,17 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20250801.AgentPoolNetworkProfile - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20250801.PortRange - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -43027,38 +28136,24 @@ spec: type: array applicationSecurityGroupsReferences: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20250801.IPTag - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string 
@@ -43072,25 +28167,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: The public IP prefix ID which VM nodes should use IPs from. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: 
@@ -43110,61 +28195,36 @@ spec: podIPAllocationMode: type: string podSubnetReference: - description: |- - PodSubnetReference: The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned - on the node subnet (see vnetSubnetID for more details). This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object powerState: - description: |- - Storage version of v1api20250801.PowerState - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: @@ -43174,16 +28234,10 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20250801.AgentPoolSecurityProfile - The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean @@ -43201,16 +28255,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20250801.AgentPoolUpgradeSettings - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer 
@@ -43225,16 +28273,10 @@ spec: type: object virtualMachineNodesStatus: items: - description: |- - Storage version of v1api20250801.VirtualMachineNodes - Current status on a group of nodes of the same vm size. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -43243,41 +28285,23 @@ spec: type: object type: array virtualMachinesProfile: - description: |- - Storage version of v1api20250801.VirtualMachinesProfile - Specifications on VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object scale: - description: |- - Storage version of v1api20250801.ScaleProfile - Specifications on how to scale a VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object manual: items: - description: |- - Storage version of v1api20250801.ManualScaleProfile - Specifications on number of machines. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -43290,40 +28314,22 @@ spec: vmSize: type: string vnetSubnetReference: - description: |- - VnetSubnetReference: The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is - not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and - pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object windowsProfile: - description: |- - Storage version of v1api20250801.AgentPoolWindowsProfile - The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean 
@@ -43333,33 +28339,19 @@ spec: type: object type: array aiToolchainOperatorProfile: - description: |- - Storage version of v1api20250801.ManagedClusterAIToolchainOperatorProfile - When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator - automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and - enables distributed inference against them. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object apiServerAccessProfile: - description: |- - Storage version of v1api20250801.ManagedClusterAPIServerAccessProfile - Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: 
@@ -43376,37 +28368,23 @@ spec: privateDNSZone: type: string subnetReference: - description: |- - SubnetReference: The subnet to be used when apiserver vnet integration is enabled. It is required when creating a new - cluster with BYO Vnet, or when updating an existing cluster to enable apiserver vnet integration. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object autoScalerProfile: - description: Storage version of v1api20250801.ManagedClusterProperties_AutoScalerProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string 
@@ -43450,16 +28428,10 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20250801.ManagedClusterAutoUpgradeProfile - Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object nodeOSUpgradeChannel: type: string 
@@ -43467,46 +28439,24 @@ spec: type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20250801.ManagedClusterAzureMonitorProfile - Azure Monitor addon profiles for monitoring the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metrics: - description: |- - Storage version of v1api20250801.ManagedClusterAzureMonitorProfileMetrics - Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: |- - Storage version of v1api20250801.ManagedClusterAzureMonitorProfileKubeStateMetrics - Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string 
@@ -43516,70 +28466,40 @@ spec: type: object type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string bootstrapProfile: - description: |- - Storage version of v1api20250801.ManagedClusterBootstrapProfile - The bootstrap profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object artifactSource: type: string containerRegistryReference: - description: |- - ContainerRegistryReference: The resource Id of Azure Container Registry. The registry must have private network access, - premium SKU and zone redundancy. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object disableLocalAccounts: type: boolean diskEncryptionSetReference: - description: |- - DiskEncryptionSetReference: The Resource ID of the disk encryption set to use for enabling encryption at rest. 
This is - of the form: - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object dnsPrefix: @@ -43587,16 +28507,10 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20250801.ExtendedLocation - The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -43606,16 +28520,10 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20250801.ManagedClusterHTTPProxyConfig - Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string 
@@ -43629,52 +28537,32 @@ spec: type: string type: object identity: - description: |- - Storage version of v1api20250801.ManagedClusterIdentity - Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object delegatedResources: additionalProperties: - description: |- - Storage version of v1api20250801.DelegatedResource - Delegated resource properties - internal use only. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object location: type: string referralResource: type: string resourceReference: - description: 'ResourceReference: The ARM resource id of the delegated resource - internal use only.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object tenantId: 
@@ -43685,35 +28573,21 @@ spec: type: string userAssignedIdentities: items: - description: |- - Storage version of v1api20250801.UserAssignedIdentityDetails - Information about the user assigned identity for the resource properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -43721,31 +28595,18 @@ spec: type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20250801.UserAssignedIdentity - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string clientIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key 
@@ -43754,101 +28615,62 @@ spec: objectId: type: string objectIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: object ingressProfile: - description: |- - Storage version of v1api20250801.ManagedClusterIngressProfile - Ingress profile for the container service cluster. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object webAppRouting: - description: |- - Storage version of v1api20250801.ManagedClusterIngressProfileWebAppRouting - Application Routing add-on settings for the ingress profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsZoneResourceReferences: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: array enabled: type: boolean nginx: - description: Storage version of v1api20250801.ManagedClusterIngressProfileNginx properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object defaultIngressControllerType: type: string @@ -43860,43 +28682,25 @@ spec: kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20250801.ContainerServiceLinuxProfile - Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: |- - Storage version of v1api20250801.ContainerServiceSshConfiguration - SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: |- - Storage version of v1api20250801.ContainerServiceSshPublicKey - Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keyData: type: string 
@@ -43907,86 +28711,49 @@ spec: location: type: string metricsProfile: - description: |- - Storage version of v1api20250801.ManagedClusterMetricsProfile - The metrics profile for the ManagedCluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object costAnalysis: - description: |- - Storage version of v1api20250801.ManagedClusterCostAnalysis - The cost analysis configuration for the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object networkProfile: - description: |- - Storage version of v1api20250801.ContainerServiceNetworkProfile - Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object advancedNetworking: - description: |- - Storage version of v1api20250801.AdvancedNetworking - Advanced Networking profile for enabling observability and security feature suite on a cluster. For more information see - aka.ms/aksadvancednetworking. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean observability: - description: |- - Storage version of v1api20250801.AdvancedNetworkingObservability - Observability profile to enable advanced network metrics and flow logs with historical contexts. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object security: - description: |- - Storage version of v1api20250801.AdvancedNetworkingSecurity - Security profile to enable security features on cilium based cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object advancedNetworkPolicies: type: string @@ -44001,16 +28768,10 @@ spec: type: string type: array loadBalancerProfile: - description: |- - Storage version of v1api20250801.ManagedClusterLoadBalancerProfile - Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer 
@@ -44021,14 +28782,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20250801.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -44036,92 +28793,56 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20250801.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20250801.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object type: array type: object outboundIPs: - description: Storage version of v1api20250801.ManagedClusterLoadBalancerProfile_OutboundIPs properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: |- - Storage version of v1api20250801.ResourceReference - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: The fully qualified Azure resource id.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -44131,30 +28852,18 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: |- - Storage version of v1api20250801.ManagedClusterNATGatewayProfile - Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20250801.ManagedClusterManagedOutboundIPProfile - Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -44185,30 +28894,20 @@ spec: type: string type: array staticEgressGatewayProfile: - description: |- - Storage version of v1api20250801.ManagedClusterStaticEgressGatewayProfile - The Static Egress Gateway addon configuration for the cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object nodeProvisioningProfile: - description: Storage version of v1api20250801.ManagedClusterNodeProvisioningProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object defaultNodePools: type: string 
@@ -44218,70 +28917,37 @@ spec: nodeResourceGroup: type: string nodeResourceGroupProfile: - description: |- - Storage version of v1api20250801.ManagedClusterNodeResourceGroupProfile - Node resource group lockdown profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object restrictionLevel: type: string type: object oidcIssuerProfile: - description: |- - Storage version of v1api20250801.ManagedClusterOIDCIssuerProfile - The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object operatorSpec: - description: |- - Storage version of v1api20250801.ManagedClusterOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -44289,28 +28955,16 @@ spec: type: object type: array configMaps: - description: Storage version of v1api20250801.ManagedClusterOperatorConfigMaps properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object oidcIssuerProfile: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to: SecretDestination in secrets.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -44319,27 +28973,12 @@ spec: type: object secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -44347,46 +28986,26 @@ spec: type: object type: array secrets: - description: Storage version of v1api20250801.ManagedClusterOperatorSecrets properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to: ConfigMapDestination in configmaps.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key - name type: object userCredentials: - description: |- - SecretDestination describes the location to store a single secret value. - Note: This is similar to: ConfigMapDestination in configmaps.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the Kubernetes secret being referenced. type: string name: - description: |- - Name is the name of the Kubernetes secret to write to. - The secret will be created in the same namespace as the resource. type: string required: - key 
@@ -44397,30 +29016,18 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIdentityProfile: - description: |- - Storage version of v1api20250801.ManagedClusterPodIdentityProfile - The pod identity profile of the Managed Cluster. See [use AAD pod - identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean 
@@ -44428,45 +29035,26 @@ spec: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20250801.ManagedClusterPodIdentity - Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: |- - Storage version of v1api20250801.UserAssignedIdentity - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string clientIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key 
@@ -44475,40 +29063,25 @@ spec: objectId: type: string objectIdFromConfig: - description: |- - ConfigMapReference is a reference to a Kubernetes configmap and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes configmap being referenced type: string name: - description: |- - Name is the name of the Kubernetes configmap being referenced. - The configmap must be in the same namespace as the resource type: string required: - key - name type: object resourceReference: - description: 'ResourceReference: The resource ID of the user assigned identity.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -44520,19 +29093,10 @@ spec: type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20250801.ManagedClusterPodIdentityException - A pod identity exception, which allows pods with certain labels to access the Azure Instance Metadata Service (IMDS) - endpoint without being intercepted by the node-managed identity (NMI) server. See [disable AAD Pod Identity for a - specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more - details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -44547,39 +29111,25 @@ spec: type: object privateLinkResources: items: - description: |- - Storage version of v1api20250801.PrivateLinkResource - A private link resource properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupId: type: string name: type: string reference: - description: 'Reference: The ID of the private link resource.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requiredMembers: 
@@ -44593,28 +29143,16 @@ spec: publicNetworkAccess: type: string securityProfile: - description: |- - Storage version of v1api20250801.ManagedClusterSecurityProfile - Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: |- - Storage version of v1api20250801.AzureKeyVaultKms - Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -44623,25 +29161,15 @@ spec: keyVaultNetworkAccess: type: string keyVaultResourceReference: - description: |- - KeyVaultResourceReference: Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and - must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -44650,68 +29178,38 @@ spec: type: string type: array defender: - description: |- - Storage version of v1api20250801.ManagedClusterSecurityProfileDefender - Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceReference: - description: |- - LogAnalyticsWorkspaceResourceReference: Resource ID of the Log Analytics workspace to be associated with Microsoft - Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When - Microsoft Defender is disabled, leave the field empty. properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object securityMonitoring: - description: |- - Storage version of v1api20250801.ManagedClusterSecurityProfileDefenderSecurityMonitoring - Microsoft Defender settings for the security profile threat detection. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: |- - Storage version of v1api20250801.ManagedClusterSecurityProfileImageCleaner - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -44719,69 +29217,38 @@ spec: type: integer type: object workloadIdentity: - description: |- - Storage version of v1api20250801.ManagedClusterSecurityProfileWorkloadIdentity - Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object serviceMeshProfile: - description: |- - Storage version of v1api20250801.ServiceMeshProfile - Service mesh profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object istio: - description: |- - Storage version of v1api20250801.IstioServiceMesh - Istio service mesh configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certificateAuthority: - description: |- - Storage version of v1api20250801.IstioCertificateAuthority - Istio Service Mesh Certificate Authority (CA) configuration. 
For now, we only support plugin certificates as described - here https://aka.ms/asm-plugin-ca properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object plugin: - description: |- - Storage version of v1api20250801.IstioPluginCertificateAuthority - Plugin certificates information for Service Mesh. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certChainObjectName: type: string @@ -44790,23 +29257,15 @@ spec: keyObjectName: type: string keyVaultReference: - description: 'KeyVaultReference: The resource ID of the Key Vault.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object rootCertObjectName: 
@@ -44814,29 +29273,17 @@ spec: type: object type: object components: - description: |- - Storage version of v1api20250801.IstioComponents - Istio components configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object egressGateways: items: - description: |- - Storage version of v1api20250801.IstioEgressGateway - Istio egress gateway configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -44844,17 +29291,10 @@ spec: type: array ingressGateways: items: - description: |- - Storage version of v1api20250801.IstioIngressGateway - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -44872,31 +29312,18 @@ spec: type: string type: object servicePrincipalProfile: - description: |- - Storage version of v1api20250801.ManagedClusterServicePrincipalProfile - Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string secret: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -44904,16 +29331,10 @@ spec: type: object type: object sku: - description: |- - Storage version of v1api20250801.ManagedClusterSKU - The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -44921,73 +29342,43 @@ spec: type: string type: object storageProfile: - description: |- - Storage version of v1api20250801.ManagedClusterStorageProfile - Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: |- - Storage version of v1api20250801.ManagedClusterStorageProfileBlobCSIDriver - AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20250801.ManagedClusterStorageProfileDiskCSIDriver - AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object fileCSIDriver: - description: |- - Storage version of v1api20250801.ManagedClusterStorageProfileFileCSIDriver - AzureFile CSI Driver settings for the storage profile. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: |- - Storage version of v1api20250801.ManagedClusterStorageProfileSnapshotController - Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -45000,28 +29391,16 @@ spec: type: string type: object upgradeSettings: - description: |- - Storage version of v1api20250801.ClusterUpgradeSettings - Settings for upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object overrideSettings: - description: |- - Storage version of v1api20250801.UpgradeOverrideSettings - Settings for overrides when upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object forceUpgrade: type: boolean 
@@ -45030,29 +29409,16 @@ spec: type: object type: object windowsProfile: - description: |- - Storage version of v1api20250801.ManagedClusterWindowsProfile - Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminPassword: - description: |- - SecretReference is a reference to a Kubernetes secret and key in the same namespace as - the resource it is on. properties: key: - description: Key is the key in the Kubernetes secret being referenced type: string name: - description: |- - Name is the name of the Kubernetes secret being referenced. - The secret must be in the same namespace as the resource type: string required: - key @@ -45063,16 +29429,10 @@ spec: enableCSIProxy: type: boolean gmsaProfile: - description: |- - Storage version of v1api20250801.WindowsGmsaProfile - Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string 
@@ -45085,43 +29445,25 @@ spec: type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20250801.ManagedClusterWorkloadAutoScalerProfile - Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keda: - description: |- - Storage version of v1api20250801.ManagedClusterWorkloadAutoScalerProfileKeda - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object verticalPodAutoscaler: - description: |- - Storage version of v1api20250801.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler - VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -45131,29 +29473,16 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20250801.ManagedCluster_STATUS - Managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object aadProfile: - description: |- - Storage version of v1api20250801.ManagedClusterAADProfile_STATUS - AADProfile specifies attributes for Azure Active Directory integration. For more details see [managed AAD on - AKS](https://docs.microsoft.com/azure/aks/managed-aad). properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminGroupObjectIDs: items: @@ -45174,16 +29503,10 @@ spec: type: object addonProfiles: additionalProperties: - description: |- - Storage version of v1api20250801.ManagedClusterAddonProfile_STATUS - A Kubernetes add-on profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object config: additionalProperties: @@ -45192,16 +29515,10 @@ spec: enabled: type: boolean identity: - description: |- - Storage version of v1api20250801.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string 
@@ -45214,16 +29531,10 @@ spec: type: object agentPoolProfiles: items: - description: |- - Storage version of v1api20250801.ManagedClusterAgentPoolProfile_STATUS - Profile for the container service agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: @@ -45234,16 +29545,10 @@ spec: count: type: integer creationData: - description: |- - Storage version of v1api20250801.CreationData_STATUS - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -45263,16 +29568,10 @@ spec: enableUltraSSD: type: boolean gatewayProfile: - description: |- - Storage version of v1api20250801.AgentPoolGatewayProfile_STATUS - Profile of the managed cluster gateway agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixSize: type: integer 
@@ -45280,16 +29579,10 @@ spec: gpuInstanceProfile: type: string gpuProfile: - description: |- - Storage version of v1api20250801.GPUProfile_STATUS - GPU settings for the Agent Pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object driver: type: string @@ -45297,17 +29590,10 @@ spec: hostGroupID: type: string kubeletConfig: - description: |- - Storage version of v1api20250801.KubeletConfig_STATUS - Kubelet configurations of agent nodes. See [AKS custom node - configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: 
@@ -45337,31 +29623,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20250801.LinuxOSConfig_STATUS - OS configurations of Linux agent nodes. See [AKS custom node - configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20250801.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -45438,29 +29711,17 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20250801.AgentPoolNetworkProfile_STATUS - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20250801.PortRange_STATUS - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -45476,16 +29737,10 @@ spec: type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20250801.IPTag_STATUS - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -45521,16 +29776,10 @@ spec: podSubnetID: type: string powerState: - description: |- - Storage version of v1api20250801.PowerState_STATUS - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -45546,16 +29795,10 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20250801.AgentPoolSecurityProfile_STATUS - The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean 
@@ -45567,41 +29810,23 @@ spec: spotMaxPrice: type: number status: - description: |- - Storage version of v1api20250801.AgentPoolStatus_STATUS - Contains read-only information about the Agent Pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object provisioningError: - description: |- - Storage version of v1api20250801.ErrorDetail_STATUS - The error detail. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: |- - Storage version of v1api20250801.ErrorAdditionalInfo_STATUS - The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: 
@@ -45615,27 +29840,17 @@ spec: type: string details: items: - description: Storage version of v1api20250801.ErrorDetail_STATUS_Unrolled properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: |- - Storage version of v1api20250801.ErrorAdditionalInfo_STATUS - The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: @@ -45666,16 +29881,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20250801.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer @@ -45690,16 +29899,10 @@ spec: type: object virtualMachineNodesStatus: items: - description: |- - Storage version of v1api20250801.VirtualMachineNodes_STATUS - Current status on a group of nodes of the same vm size. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -45708,41 +29911,23 @@ spec: type: object type: array virtualMachinesProfile: - description: |- - Storage version of v1api20250801.VirtualMachinesProfile_STATUS - Specifications on VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object scale: - description: |- - Storage version of v1api20250801.ScaleProfile_STATUS - Specifications on how to scale a VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object manual: items: - description: |- - Storage version of v1api20250801.ManualScaleProfile_STATUS - Specifications on number of machines. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -45757,16 +29942,10 @@ spec: vnetSubnetID: type: string windowsProfile: - description: |- - Storage version of v1api20250801.AgentPoolWindowsProfile_STATUS - The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean 
@@ -45776,33 +29955,19 @@ spec: type: object type: array aiToolchainOperatorProfile: - description: |- - Storage version of v1api20250801.ManagedClusterAIToolchainOperatorProfile_STATUS - When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator - automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and - enables distributed inference against them. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object apiServerAccessProfile: - description: |- - Storage version of v1api20250801.ManagedClusterAPIServerAccessProfile_STATUS - Access profile for managed cluster API server. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object authorizedIPRanges: items: @@ -45822,14 +29987,10 @@ spec: type: string type: object autoScalerProfile: - description: Storage version of v1api20250801.ManagedClusterProperties_AutoScalerProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object balance-similar-node-groups: type: string 
@@ -45873,16 +30034,10 @@ spec: type: string type: object autoUpgradeProfile: - description: |- - Storage version of v1api20250801.ManagedClusterAutoUpgradeProfile_STATUS - Auto upgrade profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object nodeOSUpgradeChannel: type: string 
@@ -45890,46 +30045,24 @@ spec: type: string type: object azureMonitorProfile: - description: |- - Storage version of v1api20250801.ManagedClusterAzureMonitorProfile_STATUS - Azure Monitor addon profiles for monitoring the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metrics: - description: |- - Storage version of v1api20250801.ManagedClusterAzureMonitorProfileMetrics_STATUS - Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes - infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See - aka.ms/AzureManagedPrometheus for an overview. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean kubeStateMetrics: - description: |- - Storage version of v1api20250801.ManagedClusterAzureMonitorProfileKubeStateMetrics_STATUS - Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the - kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for - details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object metricAnnotationsAllowList: type: string 
@@ -45941,16 +30074,10 @@ spec: azurePortalFQDN: type: string bootstrapProfile: - description: |- - Storage version of v1api20250801.ManagedClusterBootstrapProfile_STATUS - The bootstrap profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object artifactSource: type: string 
@@ -45959,39 +30086,22 @@ spec: type: object conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -46013,16 +30123,10 @@ spec: enableRBAC: type: boolean extendedLocation: - description: |- - Storage version of v1api20250801.ExtendedLocation_STATUS - The complex type of the extended location. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -46034,16 +30138,10 @@ spec: fqdnSubdomain: type: string httpProxyConfig: - description: |- - Storage version of v1api20250801.ManagedClusterHTTPProxyConfig_STATUS - Cluster HTTP proxy configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object httpProxy: type: string @@ -46059,29 +30157,17 @@ spec: id: type: string identity: - description: |- - Storage version of v1api20250801.ManagedClusterIdentity_STATUS - Identity for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object delegatedResources: additionalProperties: - description: |- - Storage version of v1api20250801.DelegatedResource_STATUS - Delegated resource properties - internal use only. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object location: type: string 
@@ -46101,14 +30187,10 @@ spec: type: string userAssignedIdentities: additionalProperties: - description: Storage version of v1api20250801.ManagedClusterIdentity_UserAssignedIdentities_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -46119,16 +30201,10 @@ spec: type: object identityProfile: additionalProperties: - description: |- - Storage version of v1api20250801.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -46139,28 +30215,16 @@ spec: type: object type: object ingressProfile: - description: |- - Storage version of v1api20250801.ManagedClusterIngressProfile_STATUS - Ingress profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object webAppRouting: - description: |- - Storage version of v1api20250801.ManagedClusterIngressProfileWebAppRouting_STATUS - Application Routing add-on settings for the ingress profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsZoneResourceIds: items: 
@@ -46169,16 +30233,10 @@ spec: enabled: type: boolean identity: - description: |- - Storage version of v1api20250801.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string @@ -46188,14 +30246,10 @@ spec: type: string type: object nginx: - description: Storage version of v1api20250801.ManagedClusterIngressProfileNginx_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object defaultIngressControllerType: type: string 
@@ -46207,43 +30261,25 @@ spec: kubernetesVersion: type: string linuxProfile: - description: |- - Storage version of v1api20250801.ContainerServiceLinuxProfile_STATUS - Profile for Linux VMs in the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string ssh: - description: |- - Storage version of v1api20250801.ContainerServiceSshConfiguration_STATUS - SSH configuration for Linux-based VMs running on Azure. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicKeys: items: - description: |- - Storage version of v1api20250801.ContainerServiceSshPublicKey_STATUS - Contains information about SSH certificate public key data. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keyData: type: string 
@@ -46256,28 +30292,16 @@ spec: maxAgentPools: type: integer metricsProfile: - description: |- - Storage version of v1api20250801.ManagedClusterMetricsProfile_STATUS - The metrics profile for the ManagedCluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object costAnalysis: - description: |- - Storage version of v1api20250801.ManagedClusterCostAnalysis_STATUS - The cost analysis configuration for the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -46286,58 +30310,33 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20250801.ContainerServiceNetworkProfile_STATUS - Profile of network configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object advancedNetworking: - description: |- - Storage version of v1api20250801.AdvancedNetworking_STATUS - Advanced Networking profile for enabling observability and security feature suite on a cluster. For more information see - aka.ms/aksadvancednetworking. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean observability: - description: |- - Storage version of v1api20250801.AdvancedNetworkingObservability_STATUS - Observability profile to enable advanced network metrics and flow logs with historical contexts. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object security: - description: |- - Storage version of v1api20250801.AdvancedNetworkingSecurity_STATUS - Security profile to enable security features on cilium based cluster. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object advancedNetworkPolicies: type: string @@ -46352,16 +30351,10 @@ spec: type: string type: array loadBalancerProfile: - description: |- - Storage version of v1api20250801.ManagedClusterLoadBalancerProfile_STATUS - Profile of the managed cluster load balancer. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allocatedOutboundPorts: type: integer @@ -46369,16 +30362,10 @@ spec: type: string effectiveOutboundIPs: items: - description: |- - Storage version of v1api20250801.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -46389,14 +30376,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPs: - description: Storage version of v1api20250801.ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -46404,27 +30387,17 @@ spec: type: integer type: object outboundIPPrefixes: - description: Storage version of v1api20250801.ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixes: items: - description: |- - Storage version of v1api20250801.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -46432,27 +30405,17 @@ spec: type: array type: object outboundIPs: - description: Storage version of v1api20250801.ManagedClusterLoadBalancerProfile_OutboundIPs_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPs: items: - description: |- - Storage version of v1api20250801.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -46463,29 +30426,17 @@ spec: loadBalancerSku: type: string natGatewayProfile: - description: |- - Storage version of v1api20250801.ManagedClusterNATGatewayProfile_STATUS - Profile of the managed cluster NAT gateway. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object effectiveOutboundIPs: items: - description: |- - Storage version of v1api20250801.ResourceReference_STATUS - A reference to an Azure resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -46494,16 +30445,10 @@ spec: idleTimeoutInMinutes: type: integer managedOutboundIPProfile: - description: |- - Storage version of v1api20250801.ManagedClusterManagedOutboundIPProfile_STATUS - Profile of the managed outbound IP resources of the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -46534,30 +30479,20 @@ spec: type: string type: array staticEgressGatewayProfile: - description: |- - Storage version of v1api20250801.ManagedClusterStaticEgressGatewayProfile_STATUS - The Static Egress Gateway addon configuration for the cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object nodeProvisioningProfile: - description: Storage version of v1api20250801.ManagedClusterNodeProvisioningProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object defaultNodePools: type: string 
@@ -46567,31 +30502,19 @@ spec: nodeResourceGroup: type: string nodeResourceGroupProfile: - description: |- - Storage version of v1api20250801.ManagedClusterNodeResourceGroupProfile_STATUS - Node resource group lockdown profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object restrictionLevel: type: string type: object oidcIssuerProfile: - description: |- - Storage version of v1api20250801.ManagedClusterOIDCIssuerProfile_STATUS - The OIDC issuer profile of the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -46599,17 +30522,10 @@ spec: type: string type: object podIdentityProfile: - description: |- - Storage version of v1api20250801.ManagedClusterPodIdentityProfile_STATUS - The pod identity profile of the Managed Cluster. See [use AAD pod - identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowNetworkPluginKubenet: type: boolean 
@@ -46617,30 +30533,18 @@ spec: type: boolean userAssignedIdentities: items: - description: |- - Storage version of v1api20250801.ManagedClusterPodIdentity_STATUS - Details about the pod identity assigned to the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object bindingSelector: type: string identity: - description: |- - Storage version of v1api20250801.UserAssignedIdentity_STATUS - Details about a user assigned identity. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string 
@@ -46654,51 +30558,31 @@ spec: namespace: type: string provisioningInfo: - description: Storage version of v1api20250801.ManagedClusterPodIdentity_ProvisioningInfo_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object error: - description: |- - Storage version of v1api20250801.ManagedClusterPodIdentityProvisioningError_STATUS - An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object error: - description: |- - Storage version of v1api20250801.ManagedClusterPodIdentityProvisioningErrorBody_STATUS - An error response from the pod identity provisioning. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string details: items: - description: Storage version of v1api20250801.ManagedClusterPodIdentityProvisioningErrorBody_STATUS_Unrolled properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string 
@@ -46721,19 +30605,10 @@ spec: type: array userAssignedIdentityExceptions: items: - description: |- - Storage version of v1api20250801.ManagedClusterPodIdentityException_STATUS - A pod identity exception, which allows pods with certain labels to access the Azure Instance Metadata Service (IMDS) - endpoint without being intercepted by the node-managed identity (NMI) server. See [disable AAD Pod Identity for a - specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more - details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -46747,16 +30622,10 @@ spec: type: array type: object powerState: - description: |- - Storage version of v1api20250801.PowerState_STATUS - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -46765,16 +30634,10 @@ spec: type: string privateLinkResources: items: - description: |- - Storage version of v1api20250801.PrivateLinkResource_STATUS - A private link resource properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupId: type: string 
@@ -46799,28 +30662,16 @@ spec: resourceUID: type: string securityProfile: - description: |- - Storage version of v1api20250801.ManagedClusterSecurityProfile_STATUS - Security profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureKeyVaultKms: - description: |- - Storage version of v1api20250801.AzureKeyVaultKms_STATUS - Azure Key Vault key management service settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -46836,47 +30687,28 @@ spec: type: string type: array defender: - description: |- - Storage version of v1api20250801.ManagedClusterSecurityProfileDefender_STATUS - Microsoft Defender settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object logAnalyticsWorkspaceResourceId: type: string securityMonitoring: - description: |- - Storage version of v1api20250801.ManagedClusterSecurityProfileDefenderSecurityMonitoring_STATUS - Microsoft Defender settings for the security profile threat detection. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object imageCleaner: - description: |- - Storage version of v1api20250801.ManagedClusterSecurityProfileImageCleaner_STATUS - Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here - are settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -46884,69 +30716,38 @@ spec: type: integer type: object workloadIdentity: - description: |- - Storage version of v1api20250801.ManagedClusterSecurityProfileWorkloadIdentity_STATUS - Workload identity settings for the security profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object type: object serviceMeshProfile: - description: |- - Storage version of v1api20250801.ServiceMeshProfile_STATUS - Service mesh profile for a managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object istio: - description: |- - Storage version of v1api20250801.IstioServiceMesh_STATUS - Istio service mesh configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certificateAuthority: - description: |- - Storage version of v1api20250801.IstioCertificateAuthority_STATUS - Istio Service Mesh Certificate Authority (CA) configuration. 
For now, we only support plugin certificates as described - here https://aka.ms/asm-plugin-ca properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object plugin: - description: |- - Storage version of v1api20250801.IstioPluginCertificateAuthority_STATUS - Plugin certificates information for Service Mesh. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object certChainObjectName: type: string @@ -46961,29 +30762,17 @@ spec: type: object type: object components: - description: |- - Storage version of v1api20250801.IstioComponents_STATUS - Istio components configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object egressGateways: items: - description: |- - Storage version of v1api20250801.IstioEgressGateway_STATUS - Istio egress gateway configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -46991,17 +30780,10 @@ spec: type: array ingressGateways: items: - description: |- - Storage version of v1api20250801.IstioIngressGateway_STATUS - Istio ingress gateway configuration. For now, we support up to one external ingress gateway named - `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -47019,31 +30801,19 @@ spec: type: string type: object servicePrincipalProfile: - description: |- - Storage version of v1api20250801.ManagedClusterServicePrincipalProfile_STATUS - Information about a service principal identity for the cluster to use for manipulating Azure APIs. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object clientId: type: string type: object sku: - description: |- - Storage version of v1api20250801.ManagedClusterSKU_STATUS - The SKU of a Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -47051,41 +30821,23 @@ spec: type: string type: object status: - description: |- - Storage version of v1api20250801.ManagedClusterStatus_STATUS - Contains read-only information about the Managed Cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object provisioningError: - description: |- - Storage version of v1api20250801.ErrorDetail_STATUS - The error detail. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: |- - Storage version of v1api20250801.ErrorAdditionalInfo_STATUS - The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: 
@@ -47099,27 +30851,17 @@ spec: type: string details: items: - description: Storage version of v1api20250801.ErrorDetail_STATUS_Unrolled properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: |- - Storage version of v1api20250801.ErrorAdditionalInfo_STATUS - The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: 
@@ -47144,73 +30886,43 @@ spec: type: object type: object storageProfile: - description: |- - Storage version of v1api20250801.ManagedClusterStorageProfile_STATUS - Storage profile for the container service cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object blobCSIDriver: - description: |- - Storage version of v1api20250801.ManagedClusterStorageProfileBlobCSIDriver_STATUS - AzureBlob CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object diskCSIDriver: - description: |- - Storage version of v1api20250801.ManagedClusterStorageProfileDiskCSIDriver_STATUS - AzureDisk CSI Driver settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object fileCSIDriver: - description: |- - Storage version of v1api20250801.ManagedClusterStorageProfileFileCSIDriver_STATUS - AzureFile CSI Driver settings for the storage profile. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object snapshotController: - description: |- - Storage version of v1api20250801.ManagedClusterStorageProfileSnapshotController_STATUS - Snapshot Controller settings for the storage profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -47219,16 +30931,10 @@ spec: supportPlan: type: string systemData: - description: |- - Storage version of v1api20250801.SystemData_STATUS - Metadata pertaining to creation and last modification of the resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object createdAt: type: string 
@@ -47250,28 +30956,16 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20250801.ClusterUpgradeSettings_STATUS - Settings for upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object overrideSettings: - description: |- - Storage version of v1api20250801.UpgradeOverrideSettings_STATUS - Settings for overrides when upgrading a cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object forceUpgrade: type: boolean @@ -47280,32 +30974,20 @@ spec: type: object type: object windowsProfile: - description: |- - Storage version of v1api20250801.ManagedClusterWindowsProfile_STATUS - Profile for Windows VMs in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object adminUsername: type: string enableCSIProxy: type: boolean gmsaProfile: - description: |- - Storage version of v1api20250801.WindowsGmsaProfile_STATUS - Windows gMSA Profile in the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServer: type: string 
@@ -47318,43 +31000,25 @@ spec: type: string type: object workloadAutoScalerProfile: - description: |- - Storage version of v1api20250801.ManagedClusterWorkloadAutoScalerProfile_STATUS - Workload Auto-scaler profile for the managed cluster. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object keda: - description: |- - Storage version of v1api20250801.ManagedClusterWorkloadAutoScalerProfileKeda_STATUS - KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean type: object verticalPodAutoscaler: - description: |- - Storage version of v1api20250801.ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_STATUS - VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -47417,100 +31081,49 @@ spec: name: v1api20230201 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. 
properties: sourceResourceReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. 
For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' enum: - MIG1g - MIG2g @@ -47519,30 +31132,18 @@ spec: - MIG7g type: string hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: items: 
@@ -47571,15 +31172,11 @@ spec: type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. enum: - OS - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: type: integer @@ -47648,18 +31245,12 @@ spec: type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - System - User 
@@ -47667,64 +31258,33 @@ spec: nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. 
The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -47732,29 +31292,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -47763,33 +31307,17 @@ spec: type: array type: object orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. enum: - CBLMariner - Ubuntu 
@@ -47797,52 +31325,31 @@ spec: - Windows2022 type: string osType: - description: 'OsType: The operating system type. The default is Linux.' enum: - Linux - Windows type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: enum: 
@@ -47851,99 +31358,63 @@ spec: type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' enum: - Deallocate - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. enum: - Deallocate - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' enum: - Regular - Spot type: string spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. 
For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' enum: - AvailabilitySet - VirtualMachineScaleSets type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: type: string type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' enum: - OCIContainer - WasmWasi 
@@ -47954,48 +31425,27 @@ spec: status: properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -48005,63 +31455,31 @@ spec: type: object type: array count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceId: type: string type: object currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be - exactly equal to it. If orchestratorVersion is , this field will contain the full - version being used. type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. 
type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string hostGroupID: - description: |- - HostGroupID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: - description: 'Id: Resource ID.' type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: items: @@ -48089,12 +31507,8 @@ spec: type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: type: integer 
@@ -48163,136 +31577,74 @@ spec: type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string nodeImageVersion: - description: 'NodeImageVersion: The version of node image' type: string nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. 
The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: - description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: type: string type: object properties_type: - description: 'PropertiesType: The type of Agent Pool.' type: string provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' 
type: string proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: Resource type' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: maxSurge: type: string type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. 
This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: object 
@@ -48316,78 +31668,43 @@ spec: name: v1api20230201storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20230201.ManagedClustersAgentPool - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-02-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20230201.ManagedClustersAgentPool_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: type: string type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. 
type: string count: type: integer creationData: - description: Storage version of v1api20230201.CreationData properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -48404,37 +31721,22 @@ spec: gpuInstanceProfile: type: string hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: Storage version of v1api20230201.KubeletConfig properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: 
@@ -48464,26 +31766,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20230201.LinuxOSConfig properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20230201.SysctlConfig properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -48560,25 +31854,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: 
@@ -48586,40 +31870,19 @@ spec: type: string type: array operatorSpec: - description: |- - Storage version of v1api20230201.ManagedClustersAgentPoolOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -48628,27 +31891,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -48669,72 +31917,44 @@ spec: osType: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object powerState: - description: Storage version of v1api20230201.PowerState properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: @@ -48752,14 +31972,10 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20230201.AgentPoolUpgradeSettings properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object maxSurge: type: string 
@@ -48767,26 +31983,15 @@ spec: vmSize: type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object workloadRuntime: @@ -48795,14 +32000,10 @@ spec: - owner type: object status: - description: Storage version of v1api20230201.ManagedClustersAgentPool_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: 
@@ -48810,39 +32011,22 @@ spec: type: array conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -48854,14 +32038,10 @@ spec: count: type: integer creationData: - description: Storage version of v1api20230201.CreationData_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -48885,14 +32065,10 @@ spec: id: type: string kubeletConfig: - description: Storage version of v1api20230201.KubeletConfig_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -48922,26 +32098,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: Storage version of v1api20230201.LinuxOSConfig_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: Storage version of v1api20230201.SysctlConfig_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer 
@@ -49040,14 +32208,10 @@ spec: podSubnetID: type: string powerState: - description: Storage version of v1api20230201.PowerState_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -49073,14 +32237,10 @@ spec: type: type: string upgradeSettings: - description: Storage version of v1api20230201.AgentPoolUpgradeSettings_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object maxSurge: type: string 
@@ -49113,123 +32273,64 @@ spec: name: v1api20231001 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. maxLength: 12 minLength: 1 pattern: ^[a-z][a-z0-9]{0,11}$ type: string capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' enum: - MIG1g - MIG2g 
@@ -49238,240 +32339,149 @@ spec: - MIG7g type: string hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' 
Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. enum: - OS - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' 
type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' 
type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' maximum: 90 minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' maximum: 524288 minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' maximum: 2097152 minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). 
type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - System - User type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. maximum: 65535 minimum: 1 type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. maximum: 65535 minimum: 1 type: integer protocol: - description: 'Protocol: The network protocol of the port.' enum: - TCP - UDP 
@@ -49479,40 +32489,25 @@ spec: type: object type: array applicationSecurityGroupsReferences: - description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array 
@@ -49520,64 +32515,33 @@ spec: nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. 
The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -49585,29 +32549,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -49616,33 +32564,17 @@ spec: type: array type: object orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. enum: - AzureLinux - CBLMariner 
@@ -49651,167 +32583,100 @@ spec: - Windows2022 type: string osType: - description: 'OsType: The operating system type. The default is Linux.' enum: - Linux - Windows type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' enum: - Running - Stopped type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' enum: - Deallocate - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. enum: - Deallocate - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' 
enum: - Regular - Spot type: string spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' enum: - AvailabilitySet - VirtualMachineScaleSets type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. maximum: 1440 minimum: 1 type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. 
If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' enum: - OCIContainer - WasmWasi 
@@ -49822,51 +32687,29 @@ spec: status: properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. 
type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -49876,408 +32719,225 @@ spec: type: object type: array count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be - exactly equal to it. If orchestratorVersion is , this field will contain the full - version being used. type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. 
type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string hostGroupID: - description: |- - HostGroupID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: - description: 'Id: Resource ID.' type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. 
type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' 
type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' 
type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. 
For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. type: integer protocol: - description: 'Protocol: The network protocol of the port.' type: string type: object type: array applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' items: type: string type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object nodeImageVersion: - description: 'NodeImageVersion: The version of node image' type: string nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' 
type: object nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: - description: 'OsType: The operating system type. The default is Linux.' 
type: string podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object properties_type: - description: 'PropertiesType: The type of Agent Pool.' type: string provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' type: string proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. 
For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: Resource type' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. 
This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: object 
@@ -50301,100 +32961,55 @@ spec: name: v1api20231001storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20231001.ManagedClustersAgentPool - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2023-10-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20231001.ManagedClustersAgentPool_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: type: string type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: type: integer creationData: - description: |- - Storage version of v1api20231001.CreationData - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -50411,39 +33026,22 @@ spec: gpuInstanceProfile: type: string hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: |- - Storage version of v1api20231001.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: 
@@ -50473,30 +33071,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20231001.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20231001.SysctlConfig - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -50569,29 +33155,17 @@ spec: mode: type: string networkProfile: - description: |- - Storage version of v1api20231001.AgentPoolNetworkProfile - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20231001.PortRange - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -50603,38 +33177,24 @@ spec: type: array applicationSecurityGroupsReferences: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20231001.IPTag - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string 
@@ -50648,25 +33208,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: 
@@ -50674,40 +33224,19 @@ spec: type: string type: array operatorSpec: - description: |- - Storage version of v1api20231001.ManagedClustersAgentPoolOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -50716,27 +33245,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -50757,74 +33271,44 @@ spec: osType: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object powerState: - description: |- - Storage version of v1api20231001.PowerState - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: @@ -50842,16 +33326,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20231001.AgentPoolUpgradeSettings - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer 
@@ -50861,26 +33339,15 @@ spec: vmSize: type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object workloadRuntime: @@ -50889,14 +33356,10 @@ spec: - owner type: object status: - description: Storage version of v1api20231001.ManagedClustersAgentPool_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: 
@@ -50906,39 +33369,22 @@ spec: type: string conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -50950,16 +33396,10 @@ spec: count: type: integer creationData: - description: |- - Storage version of v1api20231001.CreationData_STATUS - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -50983,16 +33423,10 @@ spec: id: type: string kubeletConfig: - description: |- - Storage version of v1api20231001.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: 
@@ -51022,30 +33456,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20231001.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20231001.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -51120,29 +33542,17 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20231001.AgentPoolNetworkProfile_STATUS - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20231001.PortRange_STATUS - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -51158,16 +33568,10 @@ spec: type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20231001.IPTag_STATUS - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -51201,16 +33605,10 @@ spec: podSubnetID: type: string powerState: - description: |- - Storage version of v1api20231001.PowerState_STATUS - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -51236,16 +33634,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20231001.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer 
@@ -51280,154 +33672,78 @@ spec: name: v1api20240402preview schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: artifactStreamingProfile: - description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' properties: enabled: - description: |- - Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use - this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. type: boolean type: object availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. 
maxLength: 12 minLength: 1 pattern: ^[a-z][a-z0-9]{0,11}$ type: string capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableCustomCATrust: - description: |- - EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a - daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded - certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. 
For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gatewayProfile: - description: |- - GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is - not Gateway. properties: publicIPPrefixSize: - description: |- - PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide - public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with - one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure - public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 - nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. maximum: 31 minimum: 28 type: integer type: object gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' enum: - MIG1g - MIG2g 
@@ -51436,258 +33752,157 @@ spec: - MIG7g type: string gpuProfile: - description: 'GpuProfile: The GPU settings of an agent pool.' properties: installGPUDriver: - description: |- - InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU - Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents - automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver - installation themselves. type: boolean type: object hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' 
items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. 
type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. enum: - OS - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' 
type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' maximum: 90 minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' maximum: 524288 minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' maximum: 2097152 minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' 
type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: |- - MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of - the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., - will be printed raw and not be executed as a script). type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - Gateway - System - User type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. 
It should be ranged from 1 to 65535, and be greater than or - equal to portStart. maximum: 65535 minimum: 1 type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. maximum: 65535 minimum: 1 type: integer protocol: - description: 'Protocol: The network protocol of the port.' enum: - TCP - UDP 
@@ -51695,115 +33910,63 @@ spec: type: object type: array applicationSecurityGroupsReferences: - description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object nodeInitializationTaints: - description: |- - NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field - can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that - requires recreation (e.g. node image upgrade) happens. 
These taints allow for required configuration to run before the - node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint - nodes node1 key1=value1:NoSchedule-` items: type: string type: array nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' 
items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -51811,29 +33974,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -51842,33 +33989,17 @@ spec: type: array type: object orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version and are supported. When is - specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same - once it has been created will not trigger an upgrade, even if a newer patch version is available. As a - best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version - must have the same major version as the control plane. The node pool minor version must be within two minor versions of - the control plane version. The node pool version cannot be greater than the control plane version. For more information - see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or - Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is - deprecated. enum: - AzureLinux - CBLMariner 
@@ -51879,176 +34010,107 @@ spec: - WindowsAnnual type: string osType: - description: 'OsType: The operating system type. The default is Linux.' enum: - Linux - Windows type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIPAllocationMode: - description: |- - PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is - 'DynamicIndividual'. enum: - DynamicIndividual - StaticBlock type: string podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' enum: - Running - Stopped type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' 
enum: - Deallocate - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. enum: - Deallocate - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' enum: - Regular - Spot type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' enum: - Disabled - LocalUser type: string type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' 
enum: - AvailabilitySet - VirtualMachineScaleSets - VirtualMachines type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. maximum: 1440 minimum: 1 type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. maximum: 30 minimum: 0 type: integer undrainableNodeBehavior: - description: |- - UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable - nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the - remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. enum: - Cordon - Schedule 
@@ -52056,58 +34118,36 @@ spec: type: object virtualMachineNodesStatus: items: - description: Current status on a group of nodes of the same vm size. properties: count: - description: 'Count: Number of nodes.' type: integer size: - description: 'Size: The VM size of the agents used to host this group of nodes.' type: string type: object type: array virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' properties: scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' properties: autoscale: - description: |- - Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, - at most one AutoScaleProfile is allowed. items: - description: Specifications on auto-scaling. properties: maxCount: - description: 'MaxCount: The maximum number of nodes of the specified sizes.' type: integer minCount: - description: 'MinCount: The minimum number of nodes of the specified sizes.' type: integer sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the - first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS - will use the next size. items: type: string type: array type: object type: array manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' items: - description: Specifications on number of machines. properties: count: - description: 'Count: Number of nodes.' type: integer sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the - first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will - use the next size. items: type: string type: array 
@@ -52116,45 +34156,25 @@ spec: type: object type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: |- - DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. 
type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' enum: - KataMshvVmIsolation - OCIContainer 
@@ -52166,60 +34186,34 @@ spec: status: properties: artifactStreamingProfile: - description: 'ArtifactStreamingProfile: Configuration for using artifact streaming on AKS.' properties: enabled: - description: |- - Enabled: Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use - this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false. type: boolean type: object availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. 
- For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -52229,534 +34223,287 @@ spec: type: object type: array count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion was a fully specified version , this field will be - exactly equal to it. If orchestratorVersion was , this field will contain the full - version being used. type: string eTag: - description: |- - ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is - updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic - concurrency per the normal etag convention. type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableCustomCATrust: - description: |- - EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a - daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded - certificates into node trust stores. Defaults to false. type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. 
For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gatewayProfile: - description: |- - GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is - not Gateway. properties: publicIPPrefixSize: - description: |- - PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide - public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with - one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure - public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 - nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. type: integer type: object gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string gpuProfile: - description: 'GpuProfile: The GPU settings of an agent pool.' 
properties: installGPUDriver: - description: |- - InstallGPUDriver: The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU - Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents - automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver - installation themselves. type: boolean type: object hostGroupID: - description: |- - HostGroupID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: - description: 'Id: Resource ID.' type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. 
See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' 
type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' 
type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: |- - MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. 
This allows customization of - the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., - will be printed raw and not be executed as a script). type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. type: integer protocol: - description: 'Protocol: The network protocol of the port.' type: string type: object type: array applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' items: type: string type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' 
type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object nodeImageVersion: - description: 'NodeImageVersion: The version of node image' type: string nodeInitializationTaints: - description: |- - NodeInitializationTaints: These taints will not be reconciled by AKS and can be removed with a kubectl call. This field - can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that - requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the - node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint - nodes node1 key1=value1:NoSchedule-` items: type: string type: array nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version and are supported. When is - specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same - once it has been created will not trigger an upgrade, even if a newer patch version is available. As a - best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version - must have the same major version as the control plane. 
The node pool minor version must be within two minor versions of - the control plane version. The node pool version cannot be greater than the control plane version. For more information - see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or - Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is - deprecated. type: string osType: - description: 'OsType: The operating system type. The default is Linux.' type: string podIPAllocationMode: - description: |- - PodIPAllocationMode: The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is - 'DynamicIndividual'. type: string podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. 
An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object properties_type: - description: 'PropertiesType: The type of Agent Pool.' type: string provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' type: string proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' type: string type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. 
For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: Resource type' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. type: integer undrainableNodeBehavior: - description: |- - UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable - nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the - remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. 
type: string type: object virtualMachineNodesStatus: items: - description: Current status on a group of nodes of the same vm size. properties: count: - description: 'Count: Number of nodes.' type: integer size: - description: 'Size: The VM size of the agents used to host this group of nodes.' type: string type: object type: array virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' properties: scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' properties: autoscale: - description: |- - Autoscale: Specifications on how to auto-scale the VirtualMachines agent pool within a predefined size range. Currently, - at most one AutoScaleProfile is allowed. items: - description: Specifications on auto-scaling. properties: maxCount: - description: 'MaxCount: The maximum number of nodes of the specified sizes.' type: integer minCount: - description: 'MinCount: The minimum number of nodes of the specified sizes.' type: integer sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the - first available one when auto scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS - will use the next size. items: type: string type: array type: object type: array manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' items: - description: Specifications on number of machines. properties: count: - description: 'Count: Number of nodes.' type: integer sizes: - description: |- - Sizes: The list of allowed vm sizes e.g. ['Standard_E4s_v3', 'Standard_E16s_v3', 'Standard_D16s_v5']. AKS will use the - first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will - use the next size. items: type: string type: array 
@@ -52765,28 +34512,15 @@ spec: type: object type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: |- - DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: object 
@@ -52810,48 +34544,24 @@ spec: name: v1api20240402previewstorage schema: openAPIV3Schema: - description: |- - Storage version of v1api20240402preview.ManagedClustersAgentPool - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/preview/2024-04-02-preview/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20240402preview.ManagedClustersAgentPool_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object artifactStreamingProfile: - description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -52861,62 +34571,37 @@ spec: type: string type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: type: integer creationData: - description: |- - Storage version of v1api20240402preview.CreationData - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object @@ -52933,16 +34618,10 @@ spec: enableUltraSSD: type: boolean gatewayProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolGatewayProfile - Profile of the managed cluster gateway agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixSize: type: integer 
@@ -52950,52 +34629,31 @@ spec: gpuInstanceProfile: type: string gpuProfile: - description: Storage version of v1api20240402preview.AgentPoolGPUProfile properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object installGPUDriver: type: boolean type: object hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: |- - Storage version of v1api20240402preview.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -53025,30 +34683,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20240402preview.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20240402preview.SysctlConfig - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer 
@@ -53123,29 +34769,17 @@ spec: mode: type: string networkProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolNetworkProfile - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20240402preview.PortRange - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -53157,38 +34791,24 @@ spec: type: array applicationSecurityGroupsReferences: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20240402preview.IPTag - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string 
@@ -53206,25 +34826,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: 
@@ -53232,40 +34842,19 @@ spec: type: string type: array operatorSpec: - description: |- - Storage version of v1api20240402preview.ManagedClustersAgentPoolOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -53274,27 +34863,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -53315,76 +34889,46 @@ spec: osType: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIPAllocationMode: type: string podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object powerState: - description: |- - Storage version of v1api20240402preview.PowerState - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: @@ -53394,16 +34938,10 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolSecurityProfile - The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean 
@@ -53421,16 +34959,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20240402preview.AgentPoolUpgradeSettings - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer @@ -53443,16 +34975,10 @@ spec: type: object virtualMachineNodesStatus: items: - description: |- - Storage version of v1api20240402preview.VirtualMachineNodes - Current status on a group of nodes of the same vm size. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -53461,41 +34987,23 @@ spec: type: object type: array virtualMachinesProfile: - description: |- - Storage version of v1api20240402preview.VirtualMachinesProfile - Specifications on VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object scale: - description: |- - Storage version of v1api20240402preview.ScaleProfile - Specifications on how to scale a VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object autoscale: items: - description: |- - Storage version of v1api20240402preview.AutoScaleProfile - Specifications on auto-scaling. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object maxCount: type: integer @@ -53509,16 +35017,10 @@ spec: type: array manual: items: - description: |- - Storage version of v1api20240402preview.ManualScaleProfile - Specifications on number of machines. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -53533,39 +35035,22 @@ spec: vmSize: type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object windowsProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolWindowsProfile - The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean 
@@ -53576,24 +35061,16 @@ spec: - owner type: object status: - description: Storage version of v1api20240402preview.ManagedClustersAgentPool_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object artifactStreamingProfile: - description: Storage version of v1api20240402preview.AgentPoolArtifactStreamingProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -53606,39 +35083,22 @@ spec: type: string conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -53650,16 +35110,10 @@ spec: count: type: integer creationData: - description: |- - Storage version of v1api20240402preview.CreationData_STATUS - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -53681,16 +35135,10 @@ spec: enableUltraSSD: type: boolean gatewayProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolGatewayProfile_STATUS - Profile of the managed cluster gateway agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixSize: type: integer @@ -53698,14 +35146,10 @@ spec: gpuInstanceProfile: type: string gpuProfile: - description: Storage version of v1api20240402preview.AgentPoolGPUProfile_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object installGPUDriver: type: boolean 
@@ -53715,16 +35159,10 @@ spec: id: type: string kubeletConfig: - description: |- - Storage version of v1api20240402preview.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -53754,30 +35192,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20240402preview.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20240402preview.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer 
@@ -53854,29 +35280,17 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolNetworkProfile_STATUS - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20240402preview.PortRange_STATUS - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer @@ -53892,16 +35306,10 @@ spec: type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20240402preview.IPTag_STATUS - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -53941,16 +35349,10 @@ spec: podSubnetID: type: string powerState: - description: |- - Storage version of v1api20240402preview.PowerState_STATUS - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string 
@@ -53968,16 +35370,10 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolSecurityProfile_STATUS - The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean @@ -53995,16 +35391,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20240402preview.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer @@ -54017,16 +35407,10 @@ spec: type: object virtualMachineNodesStatus: items: - description: |- - Storage version of v1api20240402preview.VirtualMachineNodes_STATUS - Current status on a group of nodes of the same vm size. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -54035,41 +35419,23 @@ spec: type: object type: array virtualMachinesProfile: - description: |- - Storage version of v1api20240402preview.VirtualMachinesProfile_STATUS - Specifications on VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object scale: - description: |- - Storage version of v1api20240402preview.ScaleProfile_STATUS - Specifications on how to scale a VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object autoscale: items: - description: |- - Storage version of v1api20240402preview.AutoScaleProfile_STATUS - Specifications on auto-scaling. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object maxCount: type: integer @@ -54083,16 +35449,10 @@ spec: type: array manual: items: - description: |- - Storage version of v1api20240402preview.ManualScaleProfile_STATUS - Specifications on number of machines. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -54109,16 +35469,10 @@ spec: vnetSubnetID: type: string windowsProfile: - description: |- - Storage version of v1api20240402preview.AgentPoolWindowsProfile_STATUS - The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean 
@@ -54147,123 +35501,64 @@ spec: name: v1api20240901 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. maxLength: 12 minLength: 1 pattern: ^[a-z][a-z0-9]{0,11}$ type: string capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. - A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' enum: - MIG1g - MIG2g 
@@ -54272,240 +35567,149 @@ spec: - MIG7g type: string hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' 
Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. enum: - OS - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' 
type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' 
type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' maximum: 90 minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' maximum: 524288 minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' maximum: 2097152 minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). 
type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - System - User type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. maximum: 65535 minimum: 1 type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. maximum: 65535 minimum: 1 type: integer protocol: - description: 'Protocol: The network protocol of the port.' enum: - TCP - UDP 
@@ -54513,40 +35717,25 @@ spec: type: object type: array applicationSecurityGroupsReferences: - description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array 
@@ -54554,64 +35743,33 @@ spec: nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. 
The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -54619,29 +35777,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -54650,33 +35792,17 @@ spec: type: array type: object orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. enum: - AzureLinux - CBLMariner 
@@ -54685,197 +35811,116 @@ spec: - Windows2022 type: string osType: - description: 'OsType: The operating system type. The default is Linux.' enum: - Linux - Windows type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' enum: - Running - Stopped type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' enum: - Deallocate - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. enum: - Deallocate - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' 
enum: - Regular - Spot type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' enum: - AvailabilitySet - VirtualMachineScaleSets type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. maximum: 1440 minimum: 1 type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. 
For percentages, fractional nodes are rounded - up. If not specified, the default is 1. For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. maximum: 30 minimum: 0 type: integer type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: |- - DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' enum: - OCIContainer - WasmWasi 
@@ -54886,51 +35931,29 @@ spec: status: properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. 
type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -54940,442 +35963,241 @@ spec: type: object type: array count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be - exactly equal to it. If orchestratorVersion is , this field will contain the full - version being used. type: string eTag: - description: |- - ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is - updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic - concurrency per the normal etag convention. type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information, - see: https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. 
- A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine - to minimize hops. For more information see [assigning a public IP per - node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The - default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string hostGroupID: - description: |- - HostGroupID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: - description: 'Id: Resource ID.' type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and - a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. 
type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: 'ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%' type: integer imageGcLowThreshold: - description: 'ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%' type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' 
type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' 
type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is - 'madvise'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more - information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' 
type: integer minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool - restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. type: integer protocol: - description: 'Protocol: The network protocol of the port.' type: string type: object type: array applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' items: type: string type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' 
type: string type: object type: array type: object nodeImageVersion: - description: 'NodeImageVersion: The version of node image' type: string nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. - When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster - with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer - patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same - Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor - version must be within two minor versions of the control plane version. The node pool version cannot be greater than the - control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: type: integer osDiskType: - description: |- - OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested - OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). 
type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: - description: 'OsType: The operating system type. The default is Linux.' type: string podSubnetID: - description: |- - PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is - of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: |- - PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this - field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only - be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object properties_type: - description: 'PropertiesType: The type of Agent Pool.' type: string provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' type: string proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleDownMode: - description: 'ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.' type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is - 'Delete'. type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' 
type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean type: object spotMaxPrice: - description: |- - SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any - on-demand price. For more details on spot pricing, see [spot VMs - pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: Resource type' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. - This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not - specified, the default is 30 minutes. type: integer maxSurge: - description: |- - MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it - is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded - up. If not specified, the default is 1. 
For more information, including best practices, see: - https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and - moving on to next node. If not specified, the default is 0 minutes. type: integer type: object vmSize: - description: |- - VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods - might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: |- - VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, - this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: |- - DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT - Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: object 
@@ -55399,100 +36221,55 @@ spec: name: v1api20240901storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20240901.ManagedClustersAgentPool - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20240901.ManagedClustersAgentPool_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: type: string type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: type: integer creationData: - description: |- - Storage version of v1api20240901.CreationData - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -55509,39 +36286,22 @@ spec: gpuInstanceProfile: type: string hostGroupReference: - description: |- - HostGroupReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: |- - Storage version of v1api20240901.KubeletConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: 
@@ -55571,30 +36331,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20240901.LinuxOSConfig - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20240901.SysctlConfig - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -55667,29 +36415,17 @@ spec: mode: type: string networkProfile: - description: |- - Storage version of v1api20240901.AgentPoolNetworkProfile - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20240901.PortRange - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -55701,38 +36437,24 @@ spec: type: array applicationSecurityGroupsReferences: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20240901.IPTag - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string 
@@ -55746,25 +36468,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: 
@@ -55772,40 +36484,19 @@ spec: type: string type: array operatorSpec: - description: |- - Storage version of v1api20240901.ManagedClustersAgentPoolOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -55814,27 +36505,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -55855,74 +36531,44 @@ spec: osType: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podSubnetReference: - description: |- - PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). - This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object powerState: - description: |- - Storage version of v1api20240901.PowerState - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: @@ -55932,16 +36578,10 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20240901.AgentPoolSecurityProfile - The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean 
@@ -55957,16 +36597,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20240901.AgentPoolUpgradeSettings - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer 
@@ -55978,39 +36612,22 @@ spec: vmSize: type: string vnetSubnetReference: - description: |- - VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is - specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object windowsProfile: - description: |- - Storage version of v1api20240901.AgentPoolWindowsProfile - The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean 
@@ -56021,14 +36638,10 @@ spec: - owner type: object status: - description: Storage version of v1api20240901.ManagedClustersAgentPool_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: 
@@ -56038,39 +36651,22 @@ spec: type: string conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -56082,16 +36678,10 @@ spec: count: type: integer creationData: - description: |- - Storage version of v1api20240901.CreationData_STATUS - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -56117,16 +36707,10 @@ spec: id: type: string kubeletConfig: - description: |- - Storage version of v1api20240901.KubeletConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: 
@@ -56156,30 +36740,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20240901.LinuxOSConfig_STATUS - See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20240901.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer @@ -56254,29 +36826,17 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20240901.AgentPoolNetworkProfile_STATUS - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20240901.PortRange_STATUS - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -56292,16 +36852,10 @@ spec: type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20240901.IPTag_STATUS - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -56335,16 +36889,10 @@ spec: podSubnetID: type: string powerState: - description: |- - Storage version of v1api20240901.PowerState_STATUS - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string @@ -56362,16 +36910,10 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20240901.AgentPoolSecurityProfile_STATUS - The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean @@ -56387,16 +36929,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20240901.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer 
@@ -56410,16 +36946,10 @@ spec: vnetSubnetID: type: string windowsProfile: - description: |- - Storage version of v1api20240901.AgentPoolWindowsProfile_STATUS - The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean 
@@ -56448,140 +36978,71 @@ spec: name: v1api20250801 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. maxLength: 12 minLength: 1 pattern: ^[a-z][a-z0-9]{0,11}$ type: string capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: Whether to enable host based OS and data drive encryption. This is only supported on certain VM - sizes and in certain Azure regions. For more information, see: - https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: Whether to use a FIPS-enabled OS. See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Whether each node is allocated its own public IP. Some scenarios may require nodes in a node pool to - receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to - make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP - per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). - The default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gatewayProfile: - description: |- - GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is - not Gateway. properties: publicIPPrefixSize: - description: |- - PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide - public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with - one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. 
Due to Azure - public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 - nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. maximum: 31 minimum: 28 type: integer type: object gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' enum: - MIG1g - MIG2g 
@@ -56590,264 +37051,160 @@ spec: - MIG7g type: string gpuProfile: - description: 'GpuProfile: GPU settings for the Agent Pool.' properties: driver: - description: 'Driver: Whether to install GPU drivers. When it''s not specified, default is Install.' enum: - Install - None type: string type: object hostGroupReference: - description: |- - HostGroupReference: The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used - only in creation scenario and not allowed to changed once set. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' 
items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. minimum: 2 type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: If CPU CFS quota enforcement is enabled for containers that specify CPU limits. The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The CPU CFS quota period value. The default is '100ms.' Valid values are a sequence of decimal - numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', - 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The CPU Manager policy to use. The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: |- - ImageGcHighThreshold: The percent of disk usage after which image garbage collection is always run. To disable image - garbage collection, set to 100. The default is 85% type: integer imageGcLowThreshold: - description: |- - ImageGcLowThreshold: The percent of disk usage before which image garbage collection is never run. This cannot be set - higher than imageGcHighThreshold. The default is 80% type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: The Topology Manager policy to use. 
For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. enum: - OS - Temporary type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' 
type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' maximum: 90 minimum: 10 type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' maximum: 524288 minimum: 65536 type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' maximum: 2097152 minimum: 131072 type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' 
type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Whether the kernel should make aggressive use of memory compaction to make more hugepages - available. Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For - more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Whether transparent hugepages are enabled. Valid values are 'always', 'madvise', and - 'never'. The default is 'always'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' type: integer messageOfTheDay: - description: |- - MessageOfTheDay: Message of the day for Linux nodes, base64-encoded. A base64-encoded string which will be written to - /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified - for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script). type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: The mode of an agent pool. A cluster must have at least one 'System' Agent Pool at all times. 
For additional - information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools enum: - Gateway - System - User type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. maximum: 65535 minimum: 1 type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. maximum: 65535 minimum: 1 type: integer protocol: - description: 'Protocol: The network protocol of the port.' enum: - TCP - UDP 
@@ -56855,40 +37212,25 @@ spec: type: object type: array applicationSecurityGroupsReferences: - description: |- - ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when - created. items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array 
@@ -56896,64 +37238,33 @@ spec: nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: The public IP prefix ID which VM nodes should use IPs from. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. 
The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -56961,29 +37272,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -56992,34 +37287,17 @@ spec: type: array type: object orchestratorVersion: - description: |- - OrchestratorVersion: The version of Kubernetes specified by the user. Both patch version (e.g. - 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch - version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x - -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade - all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version - as the control plane. The node pool minor version must be within two minor versions of the control plane version. The - node pool version cannot be greater than the control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). type: string osDiskSizeGB: maximum: 2048 minimum: 0 type: integer osDiskType: - description: |- - OsDiskType: The OS disk type to be used for machines in the agent pool. The default is 'Ephemeral' if the VM supports it - and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after - creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). enum: - Ephemeral - Managed type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. enum: - AzureLinux - AzureLinux3 
@@ -57030,187 +37308,109 @@ spec: - Windows2022 type: string osType: - description: 'OsType: The operating system type. The default is Linux.' enum: - Linux - Windows type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIPAllocationMode: - description: |- - PodIPAllocationMode: Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with - podSubnetId. The default is 'DynamicIndividual'. enum: - DynamicIndividual - StaticBlock type: string podSubnetReference: - description: |- - PodSubnetReference: The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned - on the node subnet (see vnetSubnetID for more details). This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object powerState: - description: |- - PowerState: Whether the Agent Pool is running or stopped. When an Agent Pool is first created it is initially Running. - The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not - accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' enum: - Running - Stopped type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object scaleDownMode: - description: |- - ScaleDownMode: The scale down mode to use when scaling the Agent Pool. This also effects the cluster autoscaler - behavior. If not specified, it defaults to Delete. enum: - Deallocate - Delete type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: The Virtual Machine Scale Set eviction policy to use. This cannot be specified unless the - scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'. enum: - Deallocate - Delete type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' enum: - Regular - Spot type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' enum: - Disabled - LocalUser type: string type: object spotMaxPrice: - description: |- - SpotMaxPrice: The max price (in US Dollars) you are willing to pay for spot instances. Possible values are any decimal - value greater than zero or -1 which indicates default price to be up-to on-demand. Possible values are any decimal value - greater than zero or -1 which indicates the willingness to pay any on-demand price. 
For more details on spot pricing, - see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' type: object type: - description: 'Type: The type of Agent Pool.' enum: - AvailabilitySet - VirtualMachineScaleSets - VirtualMachines type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The drain timeout for a node. The amount of time (in minutes) to wait on eviction of pods and - graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is - exceeded, the upgrade fails. If not specified, the default is 30 minutes. maximum: 1440 minimum: 1 type: integer maxSurge: - description: |- - MaxSurge: The maximum number or percentage of nodes that are surged during upgrade. This can either be set to an integer - (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size - at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 10%. For - more information, including best practices, see: https://learn.microsoft.com/en-us/azure/aks/upgrade-cluster type: string maxUnavailable: - description: |- - MaxUnavailable: The maximum number or percentage of nodes that can be simultaneously unavailable during upgrade. This - can either be set to an integer (e.g. '1') or a percentage (e.g. '5%'). If a percentage is specified, it is the - percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If - not specified, the default is 0. 
For more information, including best practices, see: - https://learn.microsoft.com/en-us/azure/aks/upgrade-cluster type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The soak duration for a node. The amount of time (in minutes) to wait after draining a node - and before reimaging it and moving on to next node. If not specified, the default is 0 minutes. maximum: 30 minimum: 0 type: integer undrainableNodeBehavior: - description: |- - UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable - nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the - remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. enum: - Cordon - Schedule 
@@ -57218,80 +37418,48 @@ spec: type: object virtualMachineNodesStatus: items: - description: Current status on a group of nodes of the same vm size. properties: count: - description: 'Count: Number of nodes.' type: integer size: - description: 'Size: The VM size of the agents used to host this group of nodes.' type: string type: object type: array virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' properties: scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' properties: manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' items: - description: Specifications on number of machines. properties: count: - description: 'Count: Number of nodes.' type: integer size: - description: |- - Size: VM size that AKS will use when creating and scaling e.g. 'Standard_E4s_v3', 'Standard_E16s_v3' or - 'Standard_D16s_v5'. type: string type: object type: array type: object type: object vmSize: - description: |- - VmSize: The size of the agent pool VMs. VM size availability varies by region. If a node contains insufficient compute - resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetReference: - description: |- - VnetSubnetReference: The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is - not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and - pods, otherwise it applies to just nodes. 
This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: |- - DisableOutboundNat: Whether to disable OutboundNAT in windows nodes. The default value is false. Outbound NAT can only - be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' enum: - OCIContainer - WasmWasi 
@@ -57302,51 +37470,29 @@ spec: status: properties: availabilityZones: - description: |- - AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType - property is 'VirtualMachineScaleSets'. items: type: string type: array capacityReservationGroupID: - description: 'CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.' type: string conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. 
type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -57356,603 +37502,330 @@ spec: type: object type: array count: - description: |- - Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) - for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. type: integer creationData: - description: |- - CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using - a snapshot. properties: sourceResourceId: - description: 'SourceResourceId: This is the ARM ID of the source object to be used to create the target object.' type: string type: object currentOrchestratorVersion: - description: |- - CurrentOrchestratorVersion: The version of Kubernetes the Agent Pool is running. If orchestratorVersion is a fully - specified version , this field will be exactly equal to it. If orchestratorVersion is , - this field will contain the full version being used. type: string eTag: - description: |- - ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is - updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic - concurrency per the normal etag convention. type: string enableAutoScaling: - description: 'EnableAutoScaling: Whether to enable auto-scaler' type: boolean enableEncryptionAtHost: - description: |- - EnableEncryptionAtHost: Whether to enable host based OS and data drive encryption. This is only supported on certain VM - sizes and in certain Azure regions. For more information, see: - https://docs.microsoft.com/azure/aks/enable-host-encryption type: boolean enableFIPS: - description: |- - EnableFIPS: Whether to use a FIPS-enabled OS. See [Add a FIPS-enabled node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more - details. 
type: boolean enableNodePublicIP: - description: |- - EnableNodePublicIP: Whether each node is allocated its own public IP. Some scenarios may require nodes in a node pool to - receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to - make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP - per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). - The default is false. type: boolean enableUltraSSD: - description: 'EnableUltraSSD: Whether to enable UltraSSD' type: boolean gatewayProfile: - description: |- - GatewayProfile: Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is - not Gateway. properties: publicIPPrefixSize: - description: |- - PublicIPPrefixSize: The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide - public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with - one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure - public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 - nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. type: integer type: object gpuInstanceProfile: - description: 'GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.' type: string gpuProfile: - description: 'GpuProfile: GPU settings for the Agent Pool.' properties: driver: - description: 'Driver: Whether to install GPU drivers. When it''s not specified, default is Install.' 
type: string type: object hostGroupID: - description: |- - HostGroupID: The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used only - in creation scenario and not allowed to changed once set. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). type: string id: - description: 'Id: Resource ID.' type: string kubeletConfig: - description: 'KubeletConfig: The Kubelet configuration on the agent pool nodes.' properties: allowedUnsafeSysctls: - description: 'AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).' items: type: string type: array containerLogMaxFiles: - description: |- - ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be - ≥ 2. type: integer containerLogMaxSizeMB: - description: 'ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.' type: integer cpuCfsQuota: - description: 'CpuCfsQuota: If CPU CFS quota enforcement is enabled for containers that specify CPU limits. The default is true.' type: boolean cpuCfsQuotaPeriod: - description: |- - CpuCfsQuotaPeriod: The CPU CFS quota period value. The default is '100ms.' Valid values are a sequence of decimal - numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', - 'ms', 's', 'm', and 'h'. type: string cpuManagerPolicy: - description: |- - CpuManagerPolicy: The CPU Manager policy to use. The default is 'none'. See [Kubernetes CPU management - policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more - information. Allowed values are 'none' and 'static'. 
type: string failSwapOn: - description: 'FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.' type: boolean imageGcHighThreshold: - description: |- - ImageGcHighThreshold: The percent of disk usage after which image garbage collection is always run. To disable image - garbage collection, set to 100. The default is 85% type: integer imageGcLowThreshold: - description: |- - ImageGcLowThreshold: The percent of disk usage before which image garbage collection is never run. This cannot be set - higher than imageGcHighThreshold. The default is 80% type: integer podMaxPids: - description: 'PodMaxPids: The maximum number of processes per pod.' type: integer topologyManagerPolicy: - description: |- - TopologyManagerPolicy: The Topology Manager policy to use. For more information see [Kubernetes Topology - Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values - are 'none', 'best-effort', 'restricted', and 'single-numa-node'. type: string type: object kubeletDiskType: - description: |- - KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral - storage. type: string linuxOSConfig: - description: 'LinuxOSConfig: The OS configuration of Linux agent nodes.' properties: swapFileSizeMB: - description: 'SwapFileSizeMB: The size in MB of a swap file that will be created on each node.' type: integer sysctls: - description: 'Sysctls: Sysctl settings for Linux agent nodes.' properties: fsAioMaxNr: - description: 'FsAioMaxNr: Sysctl setting fs.aio-max-nr.' type: integer fsFileMax: - description: 'FsFileMax: Sysctl setting fs.file-max.' type: integer fsInotifyMaxUserWatches: - description: 'FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.' type: integer fsNrOpen: - description: 'FsNrOpen: Sysctl setting fs.nr_open.' 
type: integer kernelThreadsMax: - description: 'KernelThreadsMax: Sysctl setting kernel.threads-max.' type: integer netCoreNetdevMaxBacklog: - description: 'NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.' type: integer netCoreOptmemMax: - description: 'NetCoreOptmemMax: Sysctl setting net.core.optmem_max.' type: integer netCoreRmemDefault: - description: 'NetCoreRmemDefault: Sysctl setting net.core.rmem_default.' type: integer netCoreRmemMax: - description: 'NetCoreRmemMax: Sysctl setting net.core.rmem_max.' type: integer netCoreSomaxconn: - description: 'NetCoreSomaxconn: Sysctl setting net.core.somaxconn.' type: integer netCoreWmemDefault: - description: 'NetCoreWmemDefault: Sysctl setting net.core.wmem_default.' type: integer netCoreWmemMax: - description: 'NetCoreWmemMax: Sysctl setting net.core.wmem_max.' type: integer netIpv4IpLocalPortRange: - description: 'NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.' type: string netIpv4NeighDefaultGcThresh1: - description: 'NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.' type: integer netIpv4NeighDefaultGcThresh2: - description: 'NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.' type: integer netIpv4NeighDefaultGcThresh3: - description: 'NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.' type: integer netIpv4TcpFinTimeout: - description: 'NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.' type: integer netIpv4TcpKeepaliveProbes: - description: 'NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.' type: integer netIpv4TcpKeepaliveTime: - description: 'NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.' type: integer netIpv4TcpMaxSynBacklog: - description: 'NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.' 
type: integer netIpv4TcpMaxTwBuckets: - description: 'NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.' type: integer netIpv4TcpTwReuse: - description: 'NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.' type: boolean netIpv4TcpkeepaliveIntvl: - description: 'NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.' type: integer netNetfilterNfConntrackBuckets: - description: 'NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.' type: integer netNetfilterNfConntrackMax: - description: 'NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.' type: integer vmMaxMapCount: - description: 'VmMaxMapCount: Sysctl setting vm.max_map_count.' type: integer vmSwappiness: - description: 'VmSwappiness: Sysctl setting vm.swappiness.' type: integer vmVfsCachePressure: - description: 'VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.' type: integer type: object transparentHugePageDefrag: - description: |- - TransparentHugePageDefrag: Whether the kernel should make aggressive use of memory compaction to make more hugepages - available. Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For - more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string transparentHugePageEnabled: - description: |- - TransparentHugePageEnabled: Whether transparent hugepages are enabled. Valid values are 'always', 'madvise', and - 'never'. The default is 'always'. For more information see [Transparent - Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge). type: string type: object maxCount: - description: 'MaxCount: The maximum number of nodes for auto-scaling' type: integer maxPods: - description: 'MaxPods: The maximum number of pods that can run on a node.' 
type: integer messageOfTheDay: - description: |- - MessageOfTheDay: Message of the day for Linux nodes, base64-encoded. A base64-encoded string which will be written to - /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified - for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script). type: string minCount: - description: 'MinCount: The minimum number of nodes for auto-scaling' type: integer mode: - description: |- - Mode: The mode of an agent pool. A cluster must have at least one 'System' Agent Pool at all times. For additional - information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools type: string name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string networkProfile: - description: 'NetworkProfile: Network-related settings of an agent pool.' properties: allowedHostPorts: - description: 'AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.' items: - description: The port range. properties: portEnd: - description: |- - PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or - equal to portStart. type: integer portStart: - description: |- - PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or - equal to portEnd. type: integer protocol: - description: 'Protocol: The network protocol of the port.' type: string type: object type: array applicationSecurityGroups: - description: 'ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.' items: type: string type: array nodePublicIPTags: - description: 'NodePublicIPTags: IPTags of instance-level public IPs.' 
items: - description: Contains the IPTag associated with the object. properties: ipTagType: - description: 'IpTagType: The IP tag type. Example: RoutingPreference.' type: string tag: - description: 'Tag: The value of the IP tag associated with the public IP. Example: Internet.' type: string type: object type: array type: object nodeImageVersion: - description: 'NodeImageVersion: The version of node image' type: string nodeLabels: additionalProperties: type: string - description: 'NodeLabels: The node labels to be persisted across all nodes in agent pool.' type: object nodePublicIPPrefixID: - description: |- - NodePublicIPPrefixID: The public IP prefix ID which VM nodes should use IPs from. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} type: string nodeTaints: - description: 'NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.' items: type: string type: array orchestratorVersion: - description: |- - OrchestratorVersion: The version of Kubernetes specified by the user. Both patch version (e.g. - 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch - version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x - -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade - all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version - as the control plane. The node pool minor version must be within two minor versions of the control plane version. The - node pool version cannot be greater than the control plane version. For more information see [upgrading a node - pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool). 
type: string osDiskSizeGB: type: integer osDiskType: - description: |- - OsDiskType: The OS disk type to be used for machines in the agent pool. The default is 'Ephemeral' if the VM supports it - and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after - creation. For more information see [Ephemeral - OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os). type: string osSKU: - description: |- - OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 - when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. type: string osType: - description: 'OsType: The operating system type. The default is Linux.' type: string podIPAllocationMode: - description: |- - PodIPAllocationMode: Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with - podSubnetId. The default is 'DynamicIndividual'. type: string podSubnetID: - description: |- - PodSubnetID: The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned on the - node subnet (see vnetSubnetID for more details). This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string powerState: - description: |- - PowerState: Whether the Agent Pool is running or stopped. When an Agent Pool is first created it is initially Running. - The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not - accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded properties: code: - description: 'Code: Tells whether the cluster is Running or Stopped' type: string type: object properties_type: - description: 'PropertiesType: The type of Agent Pool.' 
type: string provisioningState: - description: 'ProvisioningState: The current deployment or provisioning state.' type: string proximityPlacementGroupID: - description: 'ProximityPlacementGroupID: The ID for Proximity Placement Group.' type: string scaleDownMode: - description: |- - ScaleDownMode: The scale down mode to use when scaling the Agent Pool. This also effects the cluster autoscaler - behavior. If not specified, it defaults to Delete. type: string scaleSetEvictionPolicy: - description: |- - ScaleSetEvictionPolicy: The Virtual Machine Scale Set eviction policy to use. This cannot be specified unless the - scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'. type: string scaleSetPriority: - description: 'ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is ''Regular''.' type: string securityProfile: - description: 'SecurityProfile: The security settings of an agent pool.' properties: enableSecureBoot: - description: |- - EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and - drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean enableVTPM: - description: |- - EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held - locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. type: boolean sshAccess: - description: 'SshAccess: SSH access method of an agent pool.' type: string type: object spotMaxPrice: - description: |- - SpotMaxPrice: The max price (in US Dollars) you are willing to pay for spot instances. Possible values are any decimal - value greater than zero or -1 which indicates default price to be up-to on-demand. Possible values are any decimal value - greater than zero or -1 which indicates the willingness to pay any on-demand price. 
For more details on spot pricing, - see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing) type: number status: - description: 'Status: Contains read-only information about the Agent Pool.' properties: provisioningError: - description: |- - ProvisioningError: The error detail information of the agent pool. Preserves the detailed info of failure. If there was - no error, this field is omitted. properties: additionalInfo: - description: 'AdditionalInfo: The error additional info.' items: - description: The resource management error additional info. properties: info: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' type: object type: - description: 'Type: The additional info type.' type: string type: object type: array code: - description: 'Code: The error code.' type: string details: - description: 'Details: The error details.' items: properties: additionalInfo: - description: 'AdditionalInfo: The error additional info.' items: - description: The resource management error additional info. properties: info: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: 'Info: The additional info.' type: object type: - description: 'Type: The additional info type.' type: string type: object type: array code: - description: 'Code: The error code.' type: string message: - description: 'Message: The error message.' type: string target: - description: 'Target: The error target.' type: string type: object type: array message: - description: 'Message: The error message.' type: string target: - description: 'Target: The error target.' type: string type: object type: object tags: additionalProperties: type: string - description: 'Tags: The tags to be persisted on the agent pool virtual machine scale set.' 
type: object type: - description: 'Type: Resource type' type: string upgradeSettings: - description: 'UpgradeSettings: Settings for upgrading the agentpool' properties: drainTimeoutInMinutes: - description: |- - DrainTimeoutInMinutes: The drain timeout for a node. The amount of time (in minutes) to wait on eviction of pods and - graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is - exceeded, the upgrade fails. If not specified, the default is 30 minutes. type: integer maxSurge: - description: |- - MaxSurge: The maximum number or percentage of nodes that are surged during upgrade. This can either be set to an integer - (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size - at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 10%. For - more information, including best practices, see: https://learn.microsoft.com/en-us/azure/aks/upgrade-cluster type: string maxUnavailable: - description: |- - MaxUnavailable: The maximum number or percentage of nodes that can be simultaneously unavailable during upgrade. This - can either be set to an integer (e.g. '1') or a percentage (e.g. '5%'). If a percentage is specified, it is the - percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If - not specified, the default is 0. For more information, including best practices, see: - https://learn.microsoft.com/en-us/azure/aks/upgrade-cluster type: string nodeSoakDurationInMinutes: - description: |- - NodeSoakDurationInMinutes: The soak duration for a node. The amount of time (in minutes) to wait after draining a node - and before reimaging it and moving on to next node. If not specified, the default is 0 minutes. 
type: integer undrainableNodeBehavior: - description: |- - UndrainableNodeBehavior: Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable - nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the - remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. type: string type: object virtualMachineNodesStatus: items: - description: Current status on a group of nodes of the same vm size. properties: count: - description: 'Count: Number of nodes.' type: integer size: - description: 'Size: The VM size of the agents used to host this group of nodes.' type: string type: object type: array virtualMachinesProfile: - description: 'VirtualMachinesProfile: Specifications on VirtualMachines agent pool.' properties: scale: - description: 'Scale: Specifications on how to scale a VirtualMachines agent pool.' properties: manual: - description: 'Manual: Specifications on how to scale the VirtualMachines agent pool to a fixed size.' items: - description: Specifications on number of machines. properties: count: - description: 'Count: Number of nodes.' type: integer size: - description: |- - Size: VM size that AKS will use when creating and scaling e.g. 'Standard_E4s_v3', 'Standard_E16s_v3' or - 'Standard_D16s_v5'. type: string type: object type: array type: object type: object vmSize: - description: |- - VmSize: The size of the agent pool VMs. VM size availability varies by region. If a node contains insufficient compute - resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: - https://docs.microsoft.com/azure/aks/quotas-skus-regions type: string vnetSubnetID: - description: |- - VnetSubnetID: The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is not - specified, a VNET and subnet will be generated and used. 
If no podSubnetID is specified, this applies to nodes and pods, - otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} type: string windowsProfile: - description: 'WindowsProfile: The Windows agent pool''s specific profile.' properties: disableOutboundNat: - description: |- - DisableOutboundNat: Whether to disable OutboundNAT in windows nodes. The default value is false. Outbound NAT can only - be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled. type: boolean type: object workloadRuntime: - description: 'WorkloadRuntime: Determines the type of workload a node can run.' type: string type: object type: object 
@@ -57976,100 +37849,55 @@ spec: name: v1api20250801storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20250801.ManagedClustersAgentPool - Generator information: - - Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2025-08-01/managedClusters.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20250801.ManagedClustersAgentPool_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: type: string type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string capacityReservationGroupReference: - description: 'CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object count: type: integer creationData: - description: |- - Storage version of v1api20250801.CreationData - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceReference: - description: 'SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object @@ -58084,16 +37912,10 @@ spec: enableUltraSSD: type: boolean gatewayProfile: - description: |- - Storage version of v1api20250801.AgentPoolGatewayProfile - Profile of the managed cluster gateway agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixSize: type: integer 
@@ -58101,56 +37923,31 @@ spec: gpuInstanceProfile: type: string gpuProfile: - description: |- - Storage version of v1api20250801.GPUProfile - GPU settings for the Agent Pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object driver: type: string type: object hostGroupReference: - description: |- - HostGroupReference: The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used - only in creation scenario and not allowed to changed once set. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. - For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts). properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object kubeletConfig: - description: |- - Storage version of v1api20250801.KubeletConfig - Kubelet configurations of agent nodes. 
See [AKS custom node - configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -58180,31 +37977,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20250801.LinuxOSConfig - OS configurations of Linux agent nodes. See [AKS custom node - configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20250801.SysctlConfig - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer 
@@ -58279,29 +38063,17 @@ spec: mode: type: string networkProfile: - description: |- - Storage version of v1api20250801.AgentPoolNetworkProfile - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20250801.PortRange - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer 
@@ -58313,38 +38085,24 @@ spec: type: array applicationSecurityGroupsReferences: items: - description: ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20250801.IPTag - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string 
@@ -58358,25 +38116,15 @@ spec: type: string type: object nodePublicIPPrefixReference: - description: |- - NodePublicIPPrefixReference: The public IP prefix ID which VM nodes should use IPs from. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object nodeTaints: 
@@ -58384,40 +38132,19 @@ spec: type: string type: array operatorSpec: - description: |- - Storage version of v1api20250801.ManagedClustersAgentPoolOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -58426,27 +38153,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -58467,76 +38179,46 @@ spec: osType: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a containerservice.azure.com/ManagedCluster resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object podIPAllocationMode: type: string podSubnetReference: - description: |- - PodSubnetReference: The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned - on the node subnet (see vnetSubnetID for more details). This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object powerState: - description: |- - Storage version of v1api20250801.PowerState - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string type: object proximityPlacementGroupReference: - description: 'ProximityPlacementGroupReference: The ID for Proximity Placement Group.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object scaleDownMode: @@ -58546,16 +38228,10 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20250801.AgentPoolSecurityProfile - The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean 
@@ -58573,16 +38249,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20250801.AgentPoolUpgradeSettings - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer @@ -58597,16 +38267,10 @@ spec: type: object virtualMachineNodesStatus: items: - description: |- - Storage version of v1api20250801.VirtualMachineNodes - Current status on a group of nodes of the same vm size. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -58615,41 +38279,23 @@ spec: type: object type: array virtualMachinesProfile: - description: |- - Storage version of v1api20250801.VirtualMachinesProfile - Specifications on VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object scale: - description: |- - Storage version of v1api20250801.ScaleProfile - Specifications on how to scale a VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object manual: items: - description: |- - Storage version of v1api20250801.ManualScaleProfile - Specifications on number of machines. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -58662,40 +38308,22 @@ spec: vmSize: type: string vnetSubnetReference: - description: |- - VnetSubnetReference: The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is - not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and - pods, otherwise it applies to just nodes. This is of the form: - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object windowsProfile: - description: |- - Storage version of v1api20250801.AgentPoolWindowsProfile - The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean 
@@ -58706,14 +38334,10 @@ spec: - owner type: object status: - description: Storage version of v1api20250801.ManagedClustersAgentPool_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object availabilityZones: items: 
@@ -58723,39 +38347,22 @@ spec: type: string conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -58767,16 +38374,10 @@ spec: count: type: integer creationData: - description: |- - Storage version of v1api20250801.CreationData_STATUS - Data used when creating a target resource from a source resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object sourceResourceId: type: string @@ -58796,16 +38397,10 @@ spec: enableUltraSSD: type: boolean gatewayProfile: - description: |- - Storage version of v1api20250801.AgentPoolGatewayProfile_STATUS - Profile of the managed cluster gateway agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object publicIPPrefixSize: type: integer @@ -58813,16 +38408,10 @@ spec: gpuInstanceProfile: type: string gpuProfile: - description: |- - Storage version of v1api20250801.GPUProfile_STATUS - GPU settings for the Agent Pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object driver: type: string 
@@ -58832,17 +38421,10 @@ spec: id: type: string kubeletConfig: - description: |- - Storage version of v1api20250801.KubeletConfig_STATUS - Kubelet configurations of agent nodes. See [AKS custom node - configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedUnsafeSysctls: items: @@ -58872,31 +38454,18 @@ spec: kubeletDiskType: type: string linuxOSConfig: - description: |- - Storage version of v1api20250801.LinuxOSConfig_STATUS - OS configurations of Linux agent nodes. See [AKS custom node - configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object swapFileSizeMB: type: integer sysctls: - description: |- - Storage version of v1api20250801.SysctlConfig_STATUS - Sysctl settings for Linux agent nodes. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fsAioMaxNr: type: integer 
@@ -58973,29 +38542,17 @@ spec: name: type: string networkProfile: - description: |- - Storage version of v1api20250801.AgentPoolNetworkProfile_STATUS - Network settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object allowedHostPorts: items: - description: |- - Storage version of v1api20250801.PortRange_STATUS - The port range. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object portEnd: type: integer @@ -59011,16 +38568,10 @@ spec: type: array nodePublicIPTags: items: - description: |- - Storage version of v1api20250801.IPTag_STATUS - Contains the IPTag associated with the object. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object ipTagType: type: string @@ -59056,16 +38607,10 @@ spec: podSubnetID: type: string powerState: - description: |- - Storage version of v1api20250801.PowerState_STATUS - Describes the Power State of the cluster properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object code: type: string 
@@ -59083,16 +38628,10 @@ spec: scaleSetPriority: type: string securityProfile: - description: |- - Storage version of v1api20250801.AgentPoolSecurityProfile_STATUS - The security settings of an agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enableSecureBoot: type: boolean @@ -59104,41 +38643,23 @@ spec: spotMaxPrice: type: number status: - description: |- - Storage version of v1api20250801.AgentPoolStatus_STATUS - Contains read-only information about the Agent Pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object provisioningError: - description: |- - Storage version of v1api20250801.ErrorDetail_STATUS - The error detail. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: |- - Storage version of v1api20250801.ErrorAdditionalInfo_STATUS - The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: 
@@ -59152,27 +38673,17 @@ spec: type: string details: items: - description: Storage version of v1api20250801.ErrorDetail_STATUS_Unrolled properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object additionalInfo: items: - description: |- - Storage version of v1api20250801.ErrorAdditionalInfo_STATUS - The resource management error additional info. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object info: additionalProperties: @@ -59203,16 +38714,10 @@ spec: type: type: string upgradeSettings: - description: |- - Storage version of v1api20250801.AgentPoolUpgradeSettings_STATUS - Settings for upgrading an agentpool properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object drainTimeoutInMinutes: type: integer @@ -59227,16 +38732,10 @@ spec: type: object virtualMachineNodesStatus: items: - description: |- - Storage version of v1api20250801.VirtualMachineNodes_STATUS - Current status on a group of nodes of the same vm size. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer 
@@ -59245,41 +38744,23 @@ spec: type: object type: array virtualMachinesProfile: - description: |- - Storage version of v1api20250801.VirtualMachinesProfile_STATUS - Specifications on VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object scale: - description: |- - Storage version of v1api20250801.ScaleProfile_STATUS - Specifications on how to scale a VirtualMachines agent pool. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object manual: items: - description: |- - Storage version of v1api20250801.ManualScaleProfile_STATUS - Specifications on number of machines. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object count: type: integer @@ -59294,16 +38775,10 @@ spec: vnetSubnetID: type: string windowsProfile: - description: |- - Storage version of v1api20250801.AgentPoolWindowsProfile_STATUS - The Windows agent pool's specific profile. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object disableOutboundNat: type: boolean 
@@ -59367,70 +38842,31 @@ spec: name: v1api20220701 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/natGateway.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: The idle timeout of the nat gateway.' type: integer location: - description: 'Location: Resource location.' type: string operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. 
The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -59438,29 +38874,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -59469,77 +38889,50 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object publicIpAddresses: - description: 'PublicIpAddresses: An array of public ip addresses associated with the nat gateway resource.' items: - description: Reference to another ARM resource. properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array publicIpPrefixes: - description: 'PublicIpPrefixes: An array of public ip prefixes associated with the nat gateway resource.' items: - description: Reference to another ARM resource. 
properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array sku: - description: 'Sku: The nat gateway SKU.' properties: name: - description: 'Name: Name of Nat Gateway SKU.' enum: - Standard type: string @@ -59547,10 +38940,8 @@ spec: tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object zones: - description: 'Zones: A list of availability zones denoting the zone in which Nat Gateway should be deployed.' items: type: string type: array 
@@ -59558,44 +38949,25 @@ spec: - owner type: object status: - description: Nat Gateway resource. properties: conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -59605,73 +38977,52 @@ spec: type: object type: array etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string id: - description: 'Id: Resource ID.' type: string idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: The idle timeout of the nat gateway.' type: integer location: - description: 'Location: Resource location.' type: string name: - description: 'Name: Resource name.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the NAT gateway resource.' type: string publicIpAddresses: - description: 'PublicIpAddresses: An array of public ip addresses associated with the nat gateway resource.' items: - description: Reference to another ARM resource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array publicIpPrefixes: - description: 'PublicIpPrefixes: An array of public ip prefixes associated with the nat gateway resource.' items: - description: Reference to another ARM resource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array resourceGuid: - description: 'ResourceGuid: The resource GUID property of the NAT gateway resource.' type: string sku: - description: 'Sku: The nat gateway SKU.' properties: name: - description: 'Name: Name of Nat Gateway SKU.' type: string type: object subnets: - description: 'Subnets: An array of references to the subnets using this nat gateway resource.' items: - description: Reference to another ARM resource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object type: - description: 'Type: Resource type.' type: string zones: - description: 'Zones: A list of availability zones denoting the zone in which Nat Gateway should be deployed.' items: type: string type: array 
@@ -59697,83 +39048,39 @@ spec: name: v1api20220701storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20220701.NatGateway - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/natGateway.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20220701.NatGateway_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string idleTimeoutInMinutes: type: integer location: type: string operatorSpec: - description: |- - Storage version of v1api20220701.NatGatewayOperatorSpec - Details for configuring operator behavior. 
Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -59782,27 +39089,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -59813,99 +39105,60 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object publicIpAddresses: items: - description: |- - Storage version of v1api20220701.SubResource - Reference to another ARM resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object type: array publicIpPrefixes: items: - description: |- - Storage version of v1api20220701.SubResource - Reference to another ARM resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array sku: - description: |- - Storage version of v1api20220701.NatGatewaySku - SKU of nat gateway. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -59922,52 +39175,29 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20220701.NatGateway_STATUS - Nat Gateway resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. 
type: string required: - lastTransitionTime @@ -59990,16 +39220,10 @@ spec: type: string publicIpAddresses: items: - description: |- - Storage version of v1api20220701.SubResource_STATUS - Reference to another ARM resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -60007,16 +39231,10 @@ spec: type: array publicIpPrefixes: items: - description: |- - Storage version of v1api20220701.SubResource_STATUS - Reference to another ARM resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -60025,32 +39243,20 @@ spec: resourceGuid: type: string sku: - description: |- - Storage version of v1api20220701.NatGatewaySku_STATUS - SKU of nat gateway. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string type: object subnets: items: - description: |- - Storage version of v1api20220701.SubResource_STATUS - Reference to another ARM resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -60088,70 +39294,31 @@ spec: name: v1api20240301 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/natGateway.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: The idle timeout of the nat gateway.' type: integer location: - description: 'Location: Resource location.' type: string operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. 
The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -60159,29 +39326,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -60190,77 +39341,50 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object publicIpAddresses: - description: 'PublicIpAddresses: An array of public ip addresses associated with the nat gateway resource.' items: - description: Reference to another subresource. properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array publicIpPrefixes: - description: 'PublicIpPrefixes: An array of public ip prefixes associated with the nat gateway resource.' items: - description: Reference to another subresource. 
properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array sku: - description: 'Sku: The nat gateway SKU.' properties: name: - description: 'Name: Name of Nat Gateway SKU.' enum: - Standard type: string @@ -60268,10 +39392,8 @@ spec: tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object zones: - description: 'Zones: A list of availability zones denoting the zone in which Nat Gateway should be deployed.' items: type: string type: array 
@@ -60279,44 +39401,25 @@ spec: - owner type: object status: - description: Nat Gateway resource. properties: conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -60326,73 +39429,52 @@ spec: type: object type: array etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string id: - description: 'Id: Resource ID.' type: string idleTimeoutInMinutes: - description: 'IdleTimeoutInMinutes: The idle timeout of the nat gateway.' type: integer location: - description: 'Location: Resource location.' type: string name: - description: 'Name: Resource name.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the NAT gateway resource.' type: string publicIpAddresses: - description: 'PublicIpAddresses: An array of public ip addresses associated with the nat gateway resource.' items: - description: Reference to another subresource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array publicIpPrefixes: - description: 'PublicIpPrefixes: An array of public ip prefixes associated with the nat gateway resource.' items: - description: Reference to another subresource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array resourceGuid: - description: 'ResourceGuid: The resource GUID property of the NAT gateway resource.' type: string sku: - description: 'Sku: The nat gateway SKU.' properties: name: - description: 'Name: Name of Nat Gateway SKU.' type: string type: object subnets: - description: 'Subnets: An array of references to the subnets using this nat gateway resource.' items: - description: Reference to another subresource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object type: - description: 'Type: Resource type.' type: string zones: - description: 'Zones: A list of availability zones denoting the zone in which Nat Gateway should be deployed.' items: type: string type: array 
@@ -60418,83 +39500,39 @@ spec: name: v1api20240301storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20240301.NatGateway - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/natGateway.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/natGateways/{natGatewayName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20240301.NatGateway_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string idleTimeoutInMinutes: type: integer location: type: string operatorSpec: - description: |- - Storage version of v1api20240301.NatGatewayOperatorSpec - Details for configuring operator behavior. 
Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -60503,27 +39541,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -60534,99 +39557,60 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object publicIpAddresses: items: - description: |- - Storage version of v1api20240301.SubResource - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object type: array publicIpPrefixes: items: - description: |- - Storage version of v1api20240301.SubResource - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array sku: - description: |- - Storage version of v1api20240301.NatGatewaySku - SKU of nat gateway. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -60643,52 +39627,29 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20240301.NatGateway_STATUS - Nat Gateway resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. 
type: string required: - lastTransitionTime @@ -60711,16 +39672,10 @@ spec: type: string publicIpAddresses: items: - description: |- - Storage version of v1api20240301.SubResource_STATUS - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -60728,16 +39683,10 @@ spec: type: array publicIpPrefixes: items: - description: |- - Storage version of v1api20240301.SubResource_STATUS - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -60746,32 +39695,20 @@ spec: resourceGuid: type: string sku: - description: |- - Storage version of v1api20240301.NatGatewaySku_STATUS - SKU of nat gateway. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string type: object subnets: items: - description: |- - Storage version of v1api20240301.SubResource_STATUS - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -60844,187 +39781,102 @@ spec: name: v1api20220701 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/privateEndpoint.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: applicationSecurityGroups: - description: 'ApplicationSecurityGroups: Application security groups in which the private endpoint IP configuration is included.' items: - description: An application security group in a resource group. properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string customNetworkInterfaceName: - description: 'CustomNetworkInterfaceName: The custom name of the network interface attached to the private endpoint.' type: string extendedLocation: - description: 'ExtendedLocation: The extended location of the load balancer.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' enum: - EdgeZone type: string type: object ipConfigurations: - description: |- - IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party - Service's endpoints. items: - description: An IP Configuration of the private endpoint. properties: groupId: - description: 'GroupId: The ID of a group obtained from the remote resource that this private endpoint should connect to.' type: string memberName: - description: 'MemberName: The member name of a group obtained from the remote resource that this private endpoint should connect to.' type: string name: - description: 'Name: The name of the resource that is unique within a resource group.' type: string privateIPAddress: - description: 'PrivateIPAddress: A private ip address obtained from the private endpoint''s subnet.' type: string type: object type: array location: - description: 'Location: Resource location.' 
type: string manualPrivateLinkServiceConnections: - description: |- - ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when - the network admin does not have access to approve connections to the remote resource. items: - description: PrivateLinkServiceConnection resource. properties: groupIds: - description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' items: type: string type: array name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateLinkServiceConnectionState: - description: |- - PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote - resource. properties: actionsRequired: - description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' - type: string - description: - description: 'Description: The reason for approval/rejection of the connection.' type: string status: - description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' type: string type: object privateLinkServiceReference: - description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requestMessage: - description: |- - RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 - chars. type: string type: object type: array operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -61032,20 +39884,12 @@ spec: type: object type: array configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' properties: primaryNicPrivateIpAddress: - description: |- - PrimaryNicPrivateIpAddress: indicates where the PrimaryNicPrivateIpAddress config map should be placed. If omitted, no - config map will be created. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
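Review bot: Under `privateLinkServiceConnectionState.properties` in `manualPrivateLinkServiceConnections`, the removed lines include the property key `description:` itself (the field documented as "The reason for approval/rejection of the connection"), not only its documentation text, so the new schema keeps `actionsRequired` and `status` but no longer declares `description`. The same removal shows up in the `@@ -61084,154` hunk (`privateLinkServiceConnections`) and in the status schema of the `@@ -61241,201` hunk. With a structural schema the API server normally prunes undeclared fields, so a `description` set on a connection state would presumably be dropped on write, which contradicts the commit's claim that the strip does not affect validation. The filter in the Makefile should delete only scalar descriptions, for example `del(.. | select(tag == "!!map" and has("description") and (.description | tag) == "!!str").description)`, and the CRDs should then be regenerated.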
@@ -61053,29 +39897,13 @@ spec: type: object type: object secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -61084,154 +39912,94 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object privateLinkServiceConnections: - description: 'PrivateLinkServiceConnections: A grouping of information about the connection to the remote resource.' items: - description: PrivateLinkServiceConnection resource. properties: groupIds: - description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' items: type: string type: array name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateLinkServiceConnectionState: - description: |- - PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote - resource. properties: actionsRequired: - description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' - type: string - description: - description: 'Description: The reason for approval/rejection of the connection.' type: string status: - description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' type: string type: object privateLinkServiceReference: - description: 'PrivateLinkServiceReference: The resource id of private link service.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requestMessage: - description: |- - RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 - chars. type: string type: object type: array subnet: - description: 'Subnet: The ID of the subnet from which the private IP will be allocated.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object required: - owner type: object status: - description: Private endpoint resource. properties: applicationSecurityGroups: - description: 'ApplicationSecurityGroups: Application security groups in which the private endpoint IP configuration is included.' items: - description: An application security group in a resource group. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. 
- This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -61241,201 +40009,129 @@ spec: type: object type: array customDnsConfigs: - description: 'CustomDnsConfigs: An array of custom dns configurations.' items: - description: Contains custom Dns resolution configuration from customer. properties: fqdn: - description: 'Fqdn: Fqdn that resolves to private endpoint ip address.' type: string ipAddresses: - description: 'IpAddresses: A list of private ip addresses of the private endpoint.' items: type: string type: array type: object type: array customNetworkInterfaceName: - description: 'CustomNetworkInterfaceName: The custom name of the network interface attached to the private endpoint.' type: string etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string extendedLocation: - description: 'ExtendedLocation: The extended location of the load balancer.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' type: string type: object id: - description: 'Id: Resource ID.' type: string ipConfigurations: - description: |- - IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party - Service's endpoints. items: - description: An IP Configuration of the private endpoint. properties: etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string groupId: - description: 'GroupId: The ID of a group obtained from the remote resource that this private endpoint should connect to.' type: string memberName: - description: 'MemberName: The member name of a group obtained from the remote resource that this private endpoint should connect to.' type: string name: - description: 'Name: The name of the resource that is unique within a resource group.' 
type: string privateIPAddress: - description: 'PrivateIPAddress: A private ip address obtained from the private endpoint''s subnet.' type: string type: - description: 'Type: The resource type.' type: string type: object type: array location: - description: 'Location: Resource location.' type: string manualPrivateLinkServiceConnections: - description: |- - ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when - the network admin does not have access to approve connections to the remote resource. items: - description: PrivateLinkServiceConnection resource. properties: etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string groupIds: - description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' items: type: string type: array id: - description: 'Id: Resource ID.' type: string name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateLinkServiceConnectionState: - description: |- - PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote - resource. properties: actionsRequired: - description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' - type: string - description: - description: 'Description: The reason for approval/rejection of the connection.' type: string status: - description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' type: string type: object privateLinkServiceId: - description: 'PrivateLinkServiceId: The resource id of private link service.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the private link service connection resource.' 
type: string requestMessage: - description: |- - RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 - chars. type: string type: - description: 'Type: The resource type.' type: string type: object type: array name: - description: 'Name: Resource name.' type: string networkInterfaces: - description: 'NetworkInterfaces: An array of references to the network interfaces created for this private endpoint.' items: - description: A network interface in a resource group. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array privateLinkServiceConnections: - description: 'PrivateLinkServiceConnections: A grouping of information about the connection to the remote resource.' items: - description: PrivateLinkServiceConnection resource. properties: etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string groupIds: - description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' items: type: string type: array id: - description: 'Id: Resource ID.' type: string name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateLinkServiceConnectionState: - description: |- - PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote - resource. properties: actionsRequired: - description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' - type: string - description: - description: 'Description: The reason for approval/rejection of the connection.' type: string status: - description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' 
type: string type: object privateLinkServiceId: - description: 'PrivateLinkServiceId: The resource id of private link service.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the private link service connection resource.' type: string requestMessage: - description: |- - RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 - chars. type: string type: - description: 'Type: The resource type.' type: string type: object type: array provisioningState: - description: 'ProvisioningState: The provisioning state of the private endpoint resource.' type: string subnet: - description: 'Subnet: The ID of the subnet from which the private IP will be allocated.' properties: id: - description: 'Id: Resource ID.' type: string type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object type: - description: 'Type: Resource type.' type: string type: object type: object 
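Review bot: A real schema property is deleted in this hunk along with the documentation text: under `privateLinkServiceConnectionState.properties`, in both `manualPrivateLinkServiceConnections` and `privateLinkServiceConnections`, the removed lines include the `description:` property key itself and its `type: string`, not only the `description: '...'` strings. This is presumably because the stripping filter matches any mapping that has a `description` key, which includes a `properties` map declaring a field of that name. If these schemas are structural and do not preserve unknown fields, the API server would prune `description` on those objects, so the stated approval/rejection reason would be silently dropped on write. The same removal appears in the later storage-version and v1api20240301 hunks of this file. Restricting the filter to string-valued keys, for example `select(has("description") and (.description | tag == "!!str"))` (untested here), and regenerating should keep the field.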
@@ -61459,92 +40155,49 @@ spec: name: v1api20220701storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20220701.PrivateEndpoint - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2022-07-01/privateEndpoint.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20220701.PrivateEndpoint_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object applicationSecurityGroups: items: - description: |- - Storage version of v1api20220701.ApplicationSecurityGroupSpec_PrivateEndpoint_SubResourceEmbedded - An application security group in a resource group. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string customNetworkInterfaceName: type: string extendedLocation: - description: |- - Storage version of v1api20220701.ExtendedLocation - ExtendedLocation complex type. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -61553,16 +40206,10 @@ spec: type: object ipConfigurations: items: - description: |- - Storage version of v1api20220701.PrivateEndpointIPConfiguration - An IP Configuration of the private endpoint. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupId: type: string @@ -61578,16 +40225,10 @@ spec: type: string manualPrivateLinkServiceConnections: items: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnection - PrivateLinkServiceConnection resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupIds: items: 
@@ -61596,42 +40237,26 @@ spec: name: type: string privateLinkServiceConnectionState: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnectionState - A collection of information about the state of the connection between service consumer and provider. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object actionsRequired: type: string - description: - type: string status: type: string type: object privateLinkServiceReference: - description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requestMessage: 
@@ -61639,40 +40264,19 @@ spec: type: object type: array operatorSpec: - description: |- - Storage version of v1api20220701.PrivateEndpointOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -61680,28 +40284,16 @@ spec: type: object type: array configMaps: - description: Storage version of v1api20220701.PrivateEndpointOperatorConfigMaps properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object primaryNicPrivateIpAddress: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to: SecretDestination in secrets.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -61710,27 +40302,12 @@ spec: type: object secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -61741,30 +40318,19 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object privateLinkServiceConnections: items: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnection - PrivateLinkServiceConnection resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupIds: items: 
@@ -61773,42 +40339,26 @@ spec: name: type: string privateLinkServiceConnectionState: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnectionState - A collection of information about the state of the connection between service consumer and provider. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object actionsRequired: type: string - description: - type: string status: type: string type: object privateLinkServiceReference: - description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requestMessage: 
@@ -61816,35 +40366,21 @@ spec: type: object type: array subnet: - description: |- - Storage version of v1api20220701.Subnet_PrivateEndpoint_SubResourceEmbedded - Subnet in a virtual network resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -61856,29 +40392,17 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20220701.PrivateEndpoint_STATUS - Private endpoint resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object applicationSecurityGroups: items: - description: |- - Storage version of v1api20220701.ApplicationSecurityGroup_STATUS_PrivateEndpoint_SubResourceEmbedded - An application security group in a resource group. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -61886,39 +40410,22 @@ spec: type: array conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -61929,16 +40436,10 @@ spec: type: array customDnsConfigs: items: - description: |- - Storage version of v1api20220701.CustomDnsConfigPropertiesFormat_STATUS - Contains custom Dns resolution configuration from customer. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fqdn: type: string @@ -61953,16 +40454,10 @@ spec: etag: type: string extendedLocation: - description: |- - Storage version of v1api20220701.ExtendedLocation_STATUS - ExtendedLocation complex type. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -61973,16 +40468,10 @@ spec: type: string ipConfigurations: items: - description: |- - Storage version of v1api20220701.PrivateEndpointIPConfiguration_STATUS - An IP Configuration of the private endpoint. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object etag: type: string @@ -62002,16 +40491,10 @@ spec: type: string manualPrivateLinkServiceConnections: items: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnection_STATUS - PrivateLinkServiceConnection resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object etag: type: string 
@@ -62024,21 +40507,13 @@ spec: name: type: string privateLinkServiceConnectionState: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnectionState_STATUS - A collection of information about the state of the connection between service consumer and provider. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object actionsRequired: type: string - description: - type: string status: type: string type: object @@ -62056,16 +40531,10 @@ spec: type: string networkInterfaces: items: - description: |- - Storage version of v1api20220701.NetworkInterface_STATUS_PrivateEndpoint_SubResourceEmbedded - A network interface in a resource group. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -62073,16 +40542,10 @@ spec: type: array privateLinkServiceConnections: items: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnection_STATUS - PrivateLinkServiceConnection resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object etag: type: string 
@@ -62095,21 +40558,13 @@ spec: name: type: string privateLinkServiceConnectionState: - description: |- - Storage version of v1api20220701.PrivateLinkServiceConnectionState_STATUS - A collection of information about the state of the connection between service consumer and provider. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object actionsRequired: type: string - description: - type: string status: type: string type: object @@ -62126,16 +40581,10 @@ spec: provisioningState: type: string subnet: - description: |- - Storage version of v1api20220701.Subnet_STATUS_PrivateEndpoint_SubResourceEmbedded - Subnet in a virtual network resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -62168,187 +40617,102 @@ spec: name: v1api20240301 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/privateEndpoint.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: applicationSecurityGroups: - description: 'ApplicationSecurityGroups: Application security groups in which the private endpoint IP configuration is included.' items: - description: An application security group in a resource group. properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string customNetworkInterfaceName: - description: 'CustomNetworkInterfaceName: The custom name of the network interface attached to the private endpoint.' type: string extendedLocation: - description: 'ExtendedLocation: The extended location of the load balancer.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' enum: - EdgeZone type: string type: object ipConfigurations: - description: |- - IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party - Service's endpoints. items: - description: An IP Configuration of the private endpoint. properties: groupId: - description: 'GroupId: The ID of a group obtained from the remote resource that this private endpoint should connect to.' type: string memberName: - description: 'MemberName: The member name of a group obtained from the remote resource that this private endpoint should connect to.' type: string name: - description: 'Name: The name of the resource that is unique within a resource group.' type: string privateIPAddress: - description: 'PrivateIPAddress: A private ip address obtained from the private endpoint''s subnet.' type: string type: object type: array location: - description: 'Location: Resource location.' 
type: string manualPrivateLinkServiceConnections: - description: |- - ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when - the network admin does not have access to approve connections to the remote resource. items: - description: PrivateLinkServiceConnection resource. properties: groupIds: - description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' items: type: string type: array name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateLinkServiceConnectionState: - description: |- - PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote - resource. properties: actionsRequired: - description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' - type: string - description: - description: 'Description: The reason for approval/rejection of the connection.' type: string status: - description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' type: string type: object privateLinkServiceReference: - description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requestMessage: - description: |- - RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 - chars. type: string type: object type: array operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -62356,20 +40720,12 @@ spec: type: object type: array configMaps: - description: 'ConfigMaps: configures where to place operator written ConfigMaps.' properties: primaryNicPrivateIpAddress: - description: |- - PrimaryNicPrivateIpAddress: indicates where the PrimaryNicPrivateIpAddress config map should be placed. If omitted, no - config map will be created. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -62377,29 +40733,13 @@ spec: type: object type: object secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -62408,154 +40748,94 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object privateLinkServiceConnections: - description: 'PrivateLinkServiceConnections: A grouping of information about the connection to the remote resource.' items: - description: PrivateLinkServiceConnection resource. properties: groupIds: - description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' items: type: string type: array name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateLinkServiceConnectionState: - description: |- - PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote - resource. properties: actionsRequired: - description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' - type: string - description: - description: 'Description: The reason for approval/rejection of the connection.' type: string status: - description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' type: string type: object privateLinkServiceReference: - description: 'PrivateLinkServiceReference: The resource id of private link service.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requestMessage: - description: |- - RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 - chars. type: string type: object type: array subnet: - description: 'Subnet: The ID of the subnet from which the private IP will be allocated.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object required: - owner type: object status: - description: Private endpoint resource. properties: applicationSecurityGroups: - description: 'ApplicationSecurityGroups: Application security groups in which the private endpoint IP configuration is included.' items: - description: An application security group in a resource group. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. 
- This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
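Review bot: Under `privateLinkServiceConnections.items.properties.privateLinkServiceConnectionState.properties` this hunk removes the `description` property itself, not only its doc string: the lines `description:` and `description: 'Description: The reason for approval/rejection of the connection.'` are both deleted, leaving only `actionsRequired` and `status`. That is a schema change rather than a metadata change, so the API server would presumably prune the field or reject it under strict field validation (not verifiable from this page). The same loss appears in the hunks at `@@ -62565,201`, `@@ -62920,42`, `@@ -63097,42` and `@@ -63348,21`. The cause is the new yq filter in `generate-aso-crds`, which matches any map that has a `description` key, including `properties` maps. Restricting it to string-valued descriptions would keep the property, for example `del(.. | select(has("description") and (.description | tag) == "!!str").description)`; this needs checking against the pinned yq version, followed by regenerating the file.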
@@ -62565,201 +40845,129 @@ spec: type: object type: array customDnsConfigs: - description: 'CustomDnsConfigs: An array of custom dns configurations.' items: - description: Contains custom Dns resolution configuration from customer. properties: fqdn: - description: 'Fqdn: Fqdn that resolves to private endpoint ip address.' type: string ipAddresses: - description: 'IpAddresses: A list of private ip addresses of the private endpoint.' items: type: string type: array type: object type: array customNetworkInterfaceName: - description: 'CustomNetworkInterfaceName: The custom name of the network interface attached to the private endpoint.' type: string etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string extendedLocation: - description: 'ExtendedLocation: The extended location of the load balancer.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' type: string type: object id: - description: 'Id: Resource ID.' type: string ipConfigurations: - description: |- - IpConfigurations: A list of IP configurations of the private endpoint. This will be used to map to the First Party - Service's endpoints. items: - description: An IP Configuration of the private endpoint. properties: etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string groupId: - description: 'GroupId: The ID of a group obtained from the remote resource that this private endpoint should connect to.' type: string memberName: - description: 'MemberName: The member name of a group obtained from the remote resource that this private endpoint should connect to.' type: string name: - description: 'Name: The name of the resource that is unique within a resource group.' 
type: string privateIPAddress: - description: 'PrivateIPAddress: A private ip address obtained from the private endpoint''s subnet.' type: string type: - description: 'Type: The resource type.' type: string type: object type: array location: - description: 'Location: Resource location.' type: string manualPrivateLinkServiceConnections: - description: |- - ManualPrivateLinkServiceConnections: A grouping of information about the connection to the remote resource. Used when - the network admin does not have access to approve connections to the remote resource. items: - description: PrivateLinkServiceConnection resource. properties: etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string groupIds: - description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' items: type: string type: array id: - description: 'Id: Resource ID.' type: string name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateLinkServiceConnectionState: - description: |- - PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote - resource. properties: actionsRequired: - description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' - type: string - description: - description: 'Description: The reason for approval/rejection of the connection.' type: string status: - description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' type: string type: object privateLinkServiceId: - description: 'PrivateLinkServiceId: The resource id of private link service.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the private link service connection resource.' 
type: string requestMessage: - description: |- - RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 - chars. type: string type: - description: 'Type: The resource type.' type: string type: object type: array name: - description: 'Name: Resource name.' type: string networkInterfaces: - description: 'NetworkInterfaces: An array of references to the network interfaces created for this private endpoint.' items: - description: A network interface in a resource group. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array privateLinkServiceConnections: - description: 'PrivateLinkServiceConnections: A grouping of information about the connection to the remote resource.' items: - description: PrivateLinkServiceConnection resource. properties: etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string groupIds: - description: 'GroupIds: The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.' items: type: string type: array id: - description: 'Id: Resource ID.' type: string name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string privateLinkServiceConnectionState: - description: |- - PrivateLinkServiceConnectionState: A collection of read-only information about the state of the connection to the remote - resource. properties: actionsRequired: - description: 'ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer.' - type: string - description: - description: 'Description: The reason for approval/rejection of the connection.' type: string status: - description: 'Status: Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.' 
type: string type: object privateLinkServiceId: - description: 'PrivateLinkServiceId: The resource id of private link service.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the private link service connection resource.' type: string requestMessage: - description: |- - RequestMessage: A message passed to the owner of the remote resource with this connection request. Restricted to 140 - chars. type: string type: - description: 'Type: The resource type.' type: string type: object type: array provisioningState: - description: 'ProvisioningState: The provisioning state of the private endpoint resource.' type: string subnet: - description: 'Subnet: The ID of the subnet from which the private IP will be allocated.' properties: id: - description: 'Id: Resource ID.' type: string type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object type: - description: 'Type: Resource type.' type: string type: object type: object 
@@ -62783,92 +40991,49 @@ spec: name: v1api20240301storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20240301.PrivateEndpoint - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/privateEndpoint.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateEndpoints/{privateEndpointName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20240301.PrivateEndpoint_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object applicationSecurityGroups: items: - description: |- - Storage version of v1api20240301.ApplicationSecurityGroupSpec_PrivateEndpoint_SubResourceEmbedded - An application security group in a resource group. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string customNetworkInterfaceName: type: string extendedLocation: - description: |- - Storage version of v1api20240301.ExtendedLocation - ExtendedLocation complex type. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -62877,16 +41042,10 @@ spec: type: object ipConfigurations: items: - description: |- - Storage version of v1api20240301.PrivateEndpointIPConfiguration - An IP Configuration of the private endpoint. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupId: type: string @@ -62902,16 +41061,10 @@ spec: type: string manualPrivateLinkServiceConnections: items: - description: |- - Storage version of v1api20240301.PrivateLinkServiceConnection - PrivateLinkServiceConnection resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupIds: items: 
@@ -62920,42 +41073,26 @@ spec: name: type: string privateLinkServiceConnectionState: - description: |- - Storage version of v1api20240301.PrivateLinkServiceConnectionState - A collection of information about the state of the connection between service consumer and provider. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object actionsRequired: type: string - description: - type: string status: type: string type: object privateLinkServiceReference: - description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requestMessage: 
@@ -62963,40 +41100,19 @@ spec: type: object type: array operatorSpec: - description: |- - Storage version of v1api20240301.PrivateEndpointOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -63004,28 +41120,16 @@ spec: type: object type: array configMaps: - description: Storage version of v1api20240301.PrivateEndpointOperatorConfigMaps properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object primaryNicPrivateIpAddress: - description: |- - ConfigMapDestination describes the location to store a single configmap value - Note: This is similar to: SecretDestination in secrets.go. - Changes to one may need to be made to the others as well. properties: key: - description: Key is the key in the ConfigMap being referenced type: string name: - description: |- - Name is the name of the Kubernetes ConfigMap to write to. - The ConfigMap will be created in the same namespace as the resource. type: string required: - key 
@@ -63034,27 +41138,12 @@ spec: type: object secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -63065,30 +41154,19 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object privateLinkServiceConnections: items: - description: |- - Storage version of v1api20240301.PrivateLinkServiceConnection - PrivateLinkServiceConnection resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object groupIds: items: 
@@ -63097,42 +41175,26 @@ spec: name: type: string privateLinkServiceConnectionState: - description: |- - Storage version of v1api20240301.PrivateLinkServiceConnectionState - A collection of information about the state of the connection between service consumer and provider. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object actionsRequired: type: string - description: - type: string status: type: string type: object privateLinkServiceReference: - description: 'PrivateLinkServiceReference: The resource id of private link service.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object requestMessage: 
@@ -63140,35 +41202,21 @@ spec: type: object type: array subnet: - description: |- - Storage version of v1api20240301.Subnet_PrivateEndpoint_SubResourceEmbedded - Subnet in a virtual network resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -63180,29 +41228,17 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20240301.PrivateEndpoint_STATUS - Private endpoint resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object applicationSecurityGroups: items: - description: |- - Storage version of v1api20240301.ApplicationSecurityGroup_STATUS_PrivateEndpoint_SubResourceEmbedded - An application security group in a resource group. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -63210,39 +41246,22 @@ spec: type: array conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -63253,16 +41272,10 @@ spec: type: array customDnsConfigs: items: - description: |- - Storage version of v1api20240301.CustomDnsConfigPropertiesFormat_STATUS - Contains custom Dns resolution configuration from customer. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object fqdn: type: string @@ -63277,16 +41290,10 @@ spec: etag: type: string extendedLocation: - description: |- - Storage version of v1api20240301.ExtendedLocation_STATUS - ExtendedLocation complex type. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -63297,16 +41304,10 @@ spec: type: string ipConfigurations: items: - description: |- - Storage version of v1api20240301.PrivateEndpointIPConfiguration_STATUS - An IP Configuration of the private endpoint. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object etag: type: string @@ -63326,16 +41327,10 @@ spec: type: string manualPrivateLinkServiceConnections: items: - description: |- - Storage version of v1api20240301.PrivateLinkServiceConnection_STATUS - PrivateLinkServiceConnection resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object etag: type: string 
@@ -63348,21 +41343,13 @@ spec: name: type: string privateLinkServiceConnectionState: - description: |- - Storage version of v1api20240301.PrivateLinkServiceConnectionState_STATUS - A collection of information about the state of the connection between service consumer and provider. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object actionsRequired: type: string - description: - type: string status: type: string type: object @@ -63380,16 +41367,10 @@ spec: type: string networkInterfaces: items: - description: |- - Storage version of v1api20240301.NetworkInterface_STATUS_PrivateEndpoint_SubResourceEmbedded - A network interface in a resource group. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -63397,16 +41378,10 @@ spec: type: array privateLinkServiceConnections: items: - description: |- - Storage version of v1api20240301.PrivateLinkServiceConnection_STATUS - PrivateLinkServiceConnection resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object etag: type: string 
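Review bot: Under `privateLinkServiceConnectionState.properties` this hunk removes `description:` together with its `type: string`, which is a real schema property named `description`, not documentation metadata. The same removal appears in the `@@ -63419,21 +41394,13 @@` hunk. The filter added in the Makefile, `del(.. | select(has("description")).description)`, matches any map with that key, including `properties` maps. With the property gone from a structural schema the API server would presumably prune that field from stored objects, so the Makefile comment's claim that validation is unaffected does not hold here. Restricting the deletion to string-valued keys would keep the property, something like `del(.. | select(has("description") and (.description | tag == "!!str")).description)`. It is also worth diffing the property names before and after regeneration.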
@@ -63419,21 +41394,13 @@ spec: name: type: string privateLinkServiceConnectionState: - description: |- - Storage version of v1api20240301.PrivateLinkServiceConnectionState_STATUS - A collection of information about the state of the connection between service consumer and provider. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object actionsRequired: type: string - description: - type: string status: type: string type: object @@ -63450,16 +41417,10 @@ spec: provisioningState: type: string subnet: - description: |- - Storage version of v1api20240301.Subnet_STATUS_PrivateEndpoint_SubResourceEmbedded - Subnet in a virtual network resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -63527,74 +41488,33 @@ spec: name: v1api20200601 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json - - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. maxLength: 90 minLength: 1 type: string location: - description: |- - Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be - one of the supported Azure locations. type: string managedBy: - description: 'ManagedBy: The ID of the resource that manages this resource group.' type: string operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' 
items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -63602,29 +41522,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -63635,50 +41539,30 @@ spec: tags: additionalProperties: type: string - description: 'Tags: The tags attached to the resource group.' type: object required: - location type: object status: - description: Resource group information. properties: conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -63688,33 +41572,23 @@ spec: type: object type: array id: - description: 'Id: The ID of the resource group.' type: string location: - description: |- - Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be - one of the supported Azure locations. type: string managedBy: - description: 'ManagedBy: The ID of the resource that manages this resource group.' type: string name: - description: 'Name: The name of the resource group.' type: string properties: - description: 'Properties: The resource group properties.' properties: provisioningState: - description: 'ProvisioningState: The provisioning state.' type: string type: object tags: additionalProperties: type: string - description: 'Tags: The tags attached to the resource group.' type: object type: - description: 'Type: The type of the resource group.' type: string type: object type: object 
@@ -63738,83 +41612,39 @@ spec: name: v1api20200601storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20200601.ResourceGroup - Generator information: - - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json - - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20200601.ResourceGroup_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string location: type: string managedBy: type: string operatorSpec: - description: |- - Storage version of v1api20200601.ResourceGroupOperatorSpec - Details for configuring operator behavior. 
Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -63823,27 +41653,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -63859,52 +41674,29 @@ spec: type: object type: object status: - description: |- - Storage version of v1api20200601.ResourceGroup_STATUS - Resource group information. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. 
type: string required: - lastTransitionTime @@ -63922,16 +41714,10 @@ spec: name: type: string properties: - description: |- - Storage version of v1api20200601.ResourceGroupProperties_STATUS - The resource group properties. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object provisioningState: type: string 
@@ -63999,102 +41785,62 @@ spec: name: v1api20201101 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: addressSpace: - description: 'AddressSpace: The AddressSpace that contains an array of IP address ranges that can be used by subnets.' properties: addressPrefixes: - description: 'AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.' items: type: string type: array type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string bgpCommunities: - description: 'BgpCommunities: Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET.' properties: virtualNetworkCommunity: - description: 'VirtualNetworkCommunity: The BGP community associated with the virtual network.' 
type: string required: - virtualNetworkCommunity type: object ddosProtectionPlan: - description: 'DdosProtectionPlan: The DDoS protection plan associated with the virtual network.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object dhcpOptions: - description: 'DhcpOptions: The dhcpOptions that contains an array of DNS servers available to VMs deployed in the virtual network.' properties: dnsServers: - description: 'DnsServers: The list of DNS servers IP addresses.' items: type: string type: array type: object enableDdosProtection: - description: |- - EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It - requires a DDoS protection plan associated with the resource. type: boolean enableVmProtection: - description: 'EnableVmProtection: Indicates if VM protection is enabled for all the subnets in the virtual network.' type: boolean extendedLocation: - description: 'ExtendedLocation: The extended location of the virtual network.' properties: name: - description: 'Name: The name of the extended location.' 
type: string type: - description: 'Type: The type of the extended location.' enum: - EdgeZone type: string 
@@ -64103,64 +41849,34 @@ spec: - type type: object ipAllocations: - description: 'IpAllocations: Array of IpAllocation which reference this VNET.' items: - description: Reference to another subresource. properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array location: - description: 'Location: Resource location.' type: string operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. 
If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -64168,29 +41884,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -64199,84 +41899,54 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object required: - owner type: object status: - description: Virtual Network resource. properties: addressSpace: - description: 'AddressSpace: The AddressSpace that contains an array of IP address ranges that can be used by subnets.' properties: addressPrefixes: - description: 'AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.' items: type: string type: array type: object bgpCommunities: - description: 'BgpCommunities: Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET.' properties: regionalCommunity: - description: 'RegionalCommunity: The BGP community associated with the region of the virtual network.' type: string virtualNetworkCommunity: - description: 'VirtualNetworkCommunity: The BGP community associated with the virtual network.' type: string type: object conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. 
format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -64286,74 +41956,52 @@ spec: type: object type: array ddosProtectionPlan: - description: 'DdosProtectionPlan: The DDoS protection plan associated with the virtual network.' properties: id: - description: 'Id: Resource ID.' type: string type: object dhcpOptions: - description: 'DhcpOptions: The dhcpOptions that contains an array of DNS servers available to VMs deployed in the virtual network.' properties: dnsServers: - description: 'DnsServers: The list of DNS servers IP addresses.' items: type: string type: array type: object enableDdosProtection: - description: |- - EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It - requires a DDoS protection plan associated with the resource. type: boolean enableVmProtection: - description: 'EnableVmProtection: Indicates if VM protection is enabled for all the subnets in the virtual network.' type: boolean etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string extendedLocation: - description: 'ExtendedLocation: The extended location of the virtual network.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' type: string type: object id: - description: 'Id: Resource ID.' type: string ipAllocations: - description: 'IpAllocations: Array of IpAllocation which reference this VNET.' items: - description: Reference to another subresource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array location: - description: 'Location: Resource location.' type: string name: - description: 'Name: Resource name.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the virtual network resource.' type: string resourceGuid: - description: 'ResourceGuid: The resourceGuid property of the Virtual Network resource.' 
type: string tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object type: - description: 'Type: Resource type.' type: string type: object type: object 
@@ -64377,50 +42025,24 @@ spec: name: v1api20201101storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20201101.VirtualNetwork - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20201101.VirtualNetwork_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressSpace: - description: |- - Storage version of v1api20201101.AddressSpace - AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressPrefixes: items: 
@@ -64428,70 +42050,40 @@ spec: type: array type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string bgpCommunities: - description: |- - Storage version of v1api20201101.VirtualNetworkBgpCommunities - Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object virtualNetworkCommunity: type: string type: object ddosProtectionPlan: - description: |- - Storage version of v1api20201101.SubResource - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object dhcpOptions: - description: |- - Storage version of v1api20201101.DhcpOptions - DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for - a subnet overrides VNET DHCP options. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServers: items: @@ -64503,16 +42095,10 @@ spec: enableVmProtection: type: boolean extendedLocation: - description: |- - Storage version of v1api20201101.ExtendedLocation - ExtendedLocation complex type. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -64521,35 +42107,21 @@ spec: type: object ipAllocations: items: - description: |- - Storage version of v1api20201101.SubResource - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -64557,40 +42129,19 @@ spec: location: type: string operatorSpec: - description: |- - Storage version of v1api20201101.VirtualNetworkOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -64599,27 +42150,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -64630,16 +42166,11 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object tags: 
@@ -64650,28 +42181,16 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20201101.VirtualNetwork_STATUS - Virtual Network resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressSpace: - description: |- - Storage version of v1api20201101.AddressSpace_STATUS - AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressPrefixes: items: @@ -64679,16 +42198,10 @@ spec: type: array type: object bgpCommunities: - description: |- - Storage version of v1api20201101.VirtualNetworkBgpCommunities_STATUS - Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object regionalCommunity: type: string 
@@ -64697,39 +42210,22 @@ spec: type: object conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -64739,32 +42235,19 @@ spec: type: object type: array ddosProtectionPlan: - description: |- - Storage version of v1api20201101.SubResource_STATUS - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string type: object dhcpOptions: - description: |- - Storage version of v1api20201101.DhcpOptions_STATUS - DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for - a subnet overrides VNET DHCP options. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServers: items: @@ -64778,16 +42261,10 @@ spec: etag: type: string extendedLocation: - description: |- - Storage version of v1api20201101.ExtendedLocation_STATUS - ExtendedLocation complex type. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -64798,16 +42275,10 @@ spec: type: string ipAllocations: items: - description: |- - Storage version of v1api20201101.SubResource_STATUS - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -64849,106 +42320,62 @@ spec: name: v1api20240301 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/virtualNetwork.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: addressSpace: - description: 'AddressSpace: The AddressSpace that contains an array of IP address ranges that can be used by subnets.' properties: addressPrefixes: - description: 'AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.' items: type: string type: array type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string bgpCommunities: - description: 'BgpCommunities: Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET.' properties: virtualNetworkCommunity: - description: 'VirtualNetworkCommunity: The BGP community associated with the virtual network.' 
type: string required: - virtualNetworkCommunity type: object ddosProtectionPlan: - description: 'DdosProtectionPlan: The DDoS protection plan associated with the virtual network.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object dhcpOptions: - description: 'DhcpOptions: The dhcpOptions that contains an array of DNS servers available to VMs deployed in the virtual network.' properties: dnsServers: - description: 'DnsServers: The list of DNS servers IP addresses.' items: type: string type: array type: object enableDdosProtection: - description: |- - EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It - requires a DDoS protection plan associated with the resource. type: boolean enableVmProtection: - description: 'EnableVmProtection: Indicates if VM protection is enabled for all the subnets in the virtual network.' type: boolean encryption: - description: |- - Encryption: Indicates if encryption is enabled on virtual network and if VM without encryption is allowed in encrypted - VNet. 
properties: enabled: - description: 'Enabled: Indicates if encryption is enabled on the virtual network.' type: boolean enforcement: - description: |- - Enforcement: If the encrypted VNet allows VM that does not support encryption. This field is for future support, - AllowUnencrypted is the only supported value at general availability. enum: - AllowUnencrypted - DropUnencrypted 
@@ -64957,79 +42384,45 @@ spec: - enabled type: object extendedLocation: - description: 'ExtendedLocation: The extended location of the virtual network.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' enum: - EdgeZone type: string type: object flowTimeoutInMinutes: - description: 'FlowTimeoutInMinutes: The FlowTimeout value (in minutes) for the Virtual Network' type: integer ipAllocations: - description: 'IpAllocations: Array of IpAllocation which reference this VNET.' items: - description: Reference to another subresource. properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array location: - description: 'Location: Resource location.' type: string operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' 
items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -65037,29 +42430,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -65068,20 +42445,14 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object privateEndpointVNetPolicies: - description: 'PrivateEndpointVNetPolicies: Private Endpoint VNet Policies.' enum: - Basic - Disabled 
@@ -65089,69 +42460,44 @@ spec: tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object required: - owner type: object status: - description: Virtual Network resource. properties: addressSpace: - description: 'AddressSpace: The AddressSpace that contains an array of IP address ranges that can be used by subnets.' properties: addressPrefixes: - description: 'AddressPrefixes: A list of address blocks reserved for this virtual network in CIDR notation.' items: type: string type: array type: object bgpCommunities: - description: 'BgpCommunities: Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET.' properties: regionalCommunity: - description: 'RegionalCommunity: The BGP community associated with the region of the virtual network.' type: string virtualNetworkCommunity: - description: 'VirtualNetworkCommunity: The BGP community associated with the virtual network.' type: string type: object conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. 
type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -65161,104 +42507,70 @@ spec: type: object type: array ddosProtectionPlan: - description: 'DdosProtectionPlan: The DDoS protection plan associated with the virtual network.' properties: id: - description: 'Id: Resource ID.' type: string type: object dhcpOptions: - description: 'DhcpOptions: The dhcpOptions that contains an array of DNS servers available to VMs deployed in the virtual network.' properties: dnsServers: - description: 'DnsServers: The list of DNS servers IP addresses.' items: type: string type: array type: object enableDdosProtection: - description: |- - EnableDdosProtection: Indicates if DDoS protection is enabled for all the protected resources in the virtual network. It - requires a DDoS protection plan associated with the resource. type: boolean enableVmProtection: - description: 'EnableVmProtection: Indicates if VM protection is enabled for all the subnets in the virtual network.' type: boolean encryption: - description: |- - Encryption: Indicates if encryption is enabled on virtual network and if VM without encryption is allowed in encrypted - VNet. properties: enabled: - description: 'Enabled: Indicates if encryption is enabled on the virtual network.' type: boolean enforcement: - description: |- - Enforcement: If the encrypted VNet allows VM that does not support encryption. This field is for future support, - AllowUnencrypted is the only supported value at general availability. type: string type: object etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string extendedLocation: - description: 'ExtendedLocation: The extended location of the virtual network.' properties: name: - description: 'Name: The name of the extended location.' type: string type: - description: 'Type: The type of the extended location.' type: string type: object flowLogs: - description: 'FlowLogs: A collection of references to flow log resources.' items: - description: A flow log resource. 
properties: id: - description: 'Id: Resource ID.' type: string type: object type: array flowTimeoutInMinutes: - description: 'FlowTimeoutInMinutes: The FlowTimeout value (in minutes) for the Virtual Network' type: integer id: - description: 'Id: Resource ID.' type: string ipAllocations: - description: 'IpAllocations: Array of IpAllocation which reference this VNET.' items: - description: Reference to another subresource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array location: - description: 'Location: Resource location.' type: string name: - description: 'Name: Resource name.' type: string privateEndpointVNetPolicies: - description: 'PrivateEndpointVNetPolicies: Private Endpoint VNet Policies.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the virtual network resource.' type: string resourceGuid: - description: 'ResourceGuid: The resourceGuid property of the Virtual Network resource.' type: string tags: additionalProperties: type: string - description: 'Tags: Resource tags.' type: object type: - description: 'Type: Resource type.' type: string type: object type: object 
@@ -65282,50 +42594,24 @@ spec: name: v1api20240301storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20240301.VirtualNetwork - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/virtualNetwork.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20240301.VirtualNetwork_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressSpace: - description: |- - Storage version of v1api20240301.AddressSpace - AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressPrefixes: items: 
@@ -65333,70 +42619,40 @@ spec: type: array type: object azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string bgpCommunities: - description: |- - Storage version of v1api20240301.VirtualNetworkBgpCommunities - Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object virtualNetworkCommunity: type: string type: object ddosProtectionPlan: - description: |- - Storage version of v1api20240301.SubResource - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object dhcpOptions: - description: |- - Storage version of v1api20240301.DhcpOptions - DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for - a subnet overrides VNET DHCP options. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServers: items: @@ -65408,16 +42664,10 @@ spec: enableVmProtection: type: boolean encryption: - description: |- - Storage version of v1api20240301.VirtualNetworkEncryption - Indicates if encryption is enabled on virtual network and if VM without encryption is allowed in encrypted VNet. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean @@ -65425,16 +42675,10 @@ spec: type: string type: object extendedLocation: - description: |- - Storage version of v1api20240301.ExtendedLocation - ExtendedLocation complex type. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -65445,35 +42689,21 @@ spec: type: integer ipAllocations: items: - description: |- - Storage version of v1api20240301.SubResource - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object 
@@ -65481,40 +42711,19 @@ spec: location: type: string operatorSpec: - description: |- - Storage version of v1api20240301.VirtualNetworkOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -65523,27 +42732,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -65554,16 +42748,11 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a resources.azure.com/ResourceGroup resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object privateEndpointVNetPolicies: 
@@ -65576,28 +42765,16 @@ spec: - owner type: object status: - description: |- - Storage version of v1api20240301.VirtualNetwork_STATUS - Virtual Network resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressSpace: - description: |- - Storage version of v1api20240301.AddressSpace_STATUS - AddressSpace contains an array of IP address ranges that can be used by subnets of the virtual network. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressPrefixes: items: @@ -65605,16 +42782,10 @@ spec: type: array type: object bgpCommunities: - description: |- - Storage version of v1api20240301.VirtualNetworkBgpCommunities_STATUS - Bgp Communities sent over ExpressRoute with each route corresponding to a prefix in this VNET. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object regionalCommunity: type: string 
@@ -65623,39 +42794,22 @@ spec: type: object conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -65665,32 +42819,19 @@ spec: type: object type: array ddosProtectionPlan: - description: |- - Storage version of v1api20240301.SubResource_STATUS - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string type: object dhcpOptions: - description: |- - Storage version of v1api20240301.DhcpOptions_STATUS - DhcpOptions contains an array of DNS servers available to VMs deployed in the virtual network. Standard DHCP option for - a subnet overrides VNET DHCP options. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object dnsServers: items: @@ -65702,16 +42843,10 @@ spec: enableVmProtection: type: boolean encryption: - description: |- - Storage version of v1api20240301.VirtualNetworkEncryption_STATUS - Indicates if encryption is enabled on virtual network and if VM without encryption is allowed in encrypted VNet. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object enabled: type: boolean 
@@ -65721,16 +42856,10 @@ spec: etag: type: string extendedLocation: - description: |- - Storage version of v1api20240301.ExtendedLocation_STATUS - ExtendedLocation complex type. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string @@ -65739,16 +42868,10 @@ spec: type: object flowLogs: items: - description: |- - Storage version of v1api20240301.FlowLog_STATUS_SubResourceEmbedded - A flow log resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -65760,16 +42883,10 @@ spec: type: string ipAllocations: items: - description: |- - Storage version of v1api20240301.SubResource_STATUS - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -65848,187 +42965,106 @@ spec: name: v1api20201101 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: addressPrefix: - description: 'AddressPrefix: The address prefix for the subnet.' type: string addressPrefixes: - description: 'AddressPrefixes: List of address prefixes for the subnet.' items: type: string type: array applicationGatewayIpConfigurations: - description: 'ApplicationGatewayIpConfigurations: Application gateway IP configurations of virtual network resource.' items: - description: IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string delegations: - description: 'Delegations: An array of references to the delegations on the subnet.' items: - description: Details the service to which the subnet is delegated. properties: name: - description: 'Name: The name of the resource that is unique within a subnet. This name can be used to access the resource.' type: string serviceName: - description: 'ServiceName: The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers).' type: string type: object type: array ipAllocations: - description: 'IpAllocations: Array of IpAllocation which reference this subnet.' items: - description: Reference to another subresource. properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array natGateway: - description: 'NatGateway: Nat gateway associated with this subnet.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object networkSecurityGroup: - description: 'NetworkSecurityGroup: The reference to the NetworkSecurityGroup resource.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. 
For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -66036,29 +43072,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -66067,93 +43087,63 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a network.azure.com/VirtualNetwork resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object privateEndpointNetworkPolicies: - description: 'PrivateEndpointNetworkPolicies: Enable or Disable apply network policies on private end point in the subnet.' enum: - Disabled - Enabled type: string privateLinkServiceNetworkPolicies: - description: 'PrivateLinkServiceNetworkPolicies: Enable or Disable apply network policies on private link service in the subnet.' enum: - Disabled - Enabled type: string routeTable: - description: 'RouteTable: The reference to the RouteTable resource.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. 
type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object serviceEndpointPolicies: - description: 'ServiceEndpointPolicies: An array of service endpoint policies.' items: - description: Service End point policy resource. properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array serviceEndpoints: - description: 'ServiceEndpoints: An array of service endpoints.' items: - description: The service endpoint properties. properties: locations: - description: 'Locations: A list of locations.' items: type: string type: array service: - description: 'Service: The type of the endpoint service.' type: string type: object type: array 
@@ -66163,59 +43153,36 @@ spec: status: properties: addressPrefix: - description: 'AddressPrefix: The address prefix for the subnet.' type: string addressPrefixes: - description: 'AddressPrefixes: List of address prefixes for the subnet.' items: type: string type: array applicationGatewayIpConfigurations: - description: 'ApplicationGatewayIpConfigurations: Application gateway IP configurations of virtual network resource.' items: - description: IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. 
- For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -66225,171 +43192,118 @@ spec: type: object type: array delegations: - description: 'Delegations: An array of references to the delegations on the subnet.' items: - description: Details the service to which the subnet is delegated. properties: actions: - description: 'Actions: The actions permitted to the service upon delegation.' items: type: string type: array etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string id: - description: 'Id: Resource ID.' type: string name: - description: 'Name: The name of the resource that is unique within a subnet. This name can be used to access the resource.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the service delegation resource.' type: string serviceName: - description: 'ServiceName: The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers).' type: string type: - description: 'Type: Resource type.' type: string type: object type: array etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string id: - description: 'Id: Resource ID.' type: string ipAllocations: - description: 'IpAllocations: Array of IpAllocation which reference this subnet.' items: - description: Reference to another subresource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array ipConfigurationProfiles: - description: 'IpConfigurationProfiles: Array of IP configuration profiles which reference this subnet.' items: - description: IP configuration profile child resource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array ipConfigurations: - description: |- - IpConfigurations: An array of references to the network interface IP configurations using subnet. This field is not - included if there are more than 2000 entries. items: - description: IP configuration. 
properties: id: - description: 'Id: Resource ID.' type: string type: object type: array name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string natGateway: - description: 'NatGateway: Nat gateway associated with this subnet.' properties: id: - description: 'Id: Resource ID.' type: string type: object networkSecurityGroup: - description: 'NetworkSecurityGroup: The reference to the NetworkSecurityGroup resource.' properties: id: - description: 'Id: Resource ID.' type: string type: object privateEndpointNetworkPolicies: - description: 'PrivateEndpointNetworkPolicies: Enable or Disable apply network policies on private end point in the subnet.' type: string privateEndpoints: - description: 'PrivateEndpoints: An array of references to private endpoints.' items: - description: Private endpoint resource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array privateLinkServiceNetworkPolicies: - description: 'PrivateLinkServiceNetworkPolicies: Enable or Disable apply network policies on private link service in the subnet.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the subnet resource.' type: string purpose: - description: |- - Purpose: A read-only string identifying the intention of use for this subnet based on delegations and other user-defined - properties. type: string resourceNavigationLinks: - description: 'ResourceNavigationLinks: An array of references to the external resources using subnet.' items: - description: ResourceNavigationLink resource. properties: id: - description: 'Id: Resource navigation link identifier.' type: string type: object type: array routeTable: - description: 'RouteTable: The reference to the RouteTable resource.' properties: id: - description: 'Id: Resource ID.' 
type: string type: object serviceAssociationLinks: - description: 'ServiceAssociationLinks: An array of references to services injecting into this subnet.' items: - description: ServiceAssociationLink resource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array serviceEndpointPolicies: - description: 'ServiceEndpointPolicies: An array of service endpoint policies.' items: - description: Service End point policy resource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array serviceEndpoints: - description: 'ServiceEndpoints: An array of service endpoints.' items: - description: The service endpoint properties. properties: locations: - description: 'Locations: A list of locations.' items: type: string type: array provisioningState: - description: 'ProvisioningState: The provisioning state of the service endpoint resource.' type: string service: - description: 'Service: The type of the endpoint service.' type: string type: object type: array type: - description: 'Type: Resource type.' type: string type: object type: object 
@@ -66413,38 +43327,18 @@ spec: name: v1api20201101storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20201101.VirtualNetworksSubnet - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2020-11-01/virtualNetwork.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20201101.VirtualNetworksSubnet_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressPrefix: type: string 
@@ -66454,56 +43348,33 @@ spec: type: array applicationGatewayIpConfigurations: items: - description: |- - Storage version of v1api20201101.ApplicationGatewayIPConfiguration_VirtualNetworks_Subnet_SubResourceEmbedded - IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string delegations: items: - description: |- - Storage version of v1api20201101.Delegation - Details the service to which the subnet is delegated. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -66513,140 +43384,77 @@ spec: type: array ipAllocations: items: - description: |- - Storage version of v1api20201101.SubResource - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array natGateway: - description: |- - Storage version of v1api20201101.SubResource - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object networkSecurityGroup: - description: |- - Storage version of v1api20201101.NetworkSecurityGroupSpec_VirtualNetworks_Subnet_SubResourceEmbedded - NetworkSecurityGroup resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object operatorSpec: - description: |- - Storage version of v1api20201101.VirtualNetworksSubnetOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -66655,27 +43463,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -66686,16 +43479,11 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a network.azure.com/VirtualNetwork resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object privateEndpointNetworkPolicies: 
@@ -66703,85 +43491,51 @@ spec: privateLinkServiceNetworkPolicies: type: string routeTable: - description: |- - Storage version of v1api20201101.RouteTableSpec_VirtualNetworks_Subnet_SubResourceEmbedded - Route table resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object serviceEndpointPolicies: items: - description: |- - Storage version of v1api20201101.ServiceEndpointPolicySpec_VirtualNetworks_Subnet_SubResourceEmbedded - Service End point policy resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array serviceEndpoints: items: - description: |- - Storage version of v1api20201101.ServiceEndpointPropertiesFormat - The service endpoint properties. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object locations: items: @@ -66795,14 +43549,10 @@ spec: - owner type: object status: - description: Storage version of v1api20201101.VirtualNetworksSubnet_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressPrefix: type: string 
@@ -66812,16 +43562,10 @@ spec: type: array applicationGatewayIpConfigurations: items: - description: |- - Storage version of v1api20201101.ApplicationGatewayIPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded - IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -66829,39 +43573,22 @@ spec: type: array conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -66872,16 +43599,10 @@ spec: type: array delegations: items: - description: |- - Storage version of v1api20201101.Delegation_STATUS - Details the service to which the subnet is delegated. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object actions: items: @@ -66907,16 +43628,10 @@ spec: type: string ipAllocations: items: - description: |- - Storage version of v1api20201101.SubResource_STATUS - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -66924,16 +43639,10 @@ spec: type: array ipConfigurationProfiles: items: - description: |- - Storage version of v1api20201101.IPConfigurationProfile_STATUS - IP configuration profile child resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -66941,16 +43650,10 @@ spec: type: array ipConfigurations: items: - description: |- - Storage version of v1api20201101.IPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded - IP configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -66959,31 +43662,19 @@ spec: name: type: string natGateway: - description: |- - Storage version of v1api20201101.SubResource_STATUS - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string type: object networkSecurityGroup: - description: |- - Storage version of v1api20201101.NetworkSecurityGroup_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded - NetworkSecurityGroup resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -66992,16 +43683,10 @@ spec: type: string privateEndpoints: items: - description: |- - Storage version of v1api20201101.PrivateEndpoint_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded - Private endpoint resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -67015,48 +43700,30 @@ spec: type: string resourceNavigationLinks: items: - description: |- - Storage version of v1api20201101.ResourceNavigationLink_STATUS - ResourceNavigationLink resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string type: object type: array routeTable: - description: |- - Storage version of v1api20201101.RouteTable_STATUS_SubResourceEmbedded - Route table resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string type: object serviceAssociationLinks: items: - description: |- - Storage version of v1api20201101.ServiceAssociationLink_STATUS - ServiceAssociationLink resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -67064,16 +43731,10 @@ spec: type: array serviceEndpointPolicies: items: - description: |- - Storage version of v1api20201101.ServiceEndpointPolicy_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded - Service End point policy resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -67081,16 +43742,10 @@ spec: type: array serviceEndpoints: items: - description: |- - Storage version of v1api20201101.ServiceEndpointPropertiesFormat_STATUS - The service endpoint properties. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object locations: items: 
@@ -67126,192 +43781,108 @@ spec: name: v1api20240301 schema: openAPIV3Schema: - description: |- - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/virtualNetwork.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: properties: addressPrefix: - description: 'AddressPrefix: The address prefix for the subnet.' type: string addressPrefixes: - description: 'AddressPrefixes: List of address prefixes for the subnet.' items: type: string type: array applicationGatewayIPConfigurations: - description: 'ApplicationGatewayIPConfigurations: Application gateway IP configurations of virtual network resource.' items: - description: IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string defaultOutboundAccess: - description: |- - DefaultOutboundAccess: Set this property to false to disable default outbound connectivity for all VMs in the subnet. - This property can only be set at the time of subnet creation and cannot be updated for an existing subnet. type: boolean delegations: - description: 'Delegations: An array of references to the delegations on the subnet.' items: - description: Details the service to which the subnet is delegated. properties: name: - description: 'Name: The name of the resource that is unique within a subnet. This name can be used to access the resource.' type: string serviceName: - description: 'ServiceName: The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers).' type: string type: object type: array ipAllocations: - description: 'IpAllocations: Array of IpAllocation which reference this subnet.' items: - description: Reference to another subresource. properties: reference: - description: 'Reference: Resource ID.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array natGateway: - description: 'NatGateway: Nat gateway associated with this subnet.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object networkSecurityGroup: - description: 'NetworkSecurityGroup: The reference to the NetworkSecurityGroup resource.' 
properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object operatorSpec: - description: |- - OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not - passed directly to Azure properties: configMapExpressions: - description: 'ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. 
- The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -67319,29 +43890,13 @@ spec: type: object type: array secretExpressions: - description: 'SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).' items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -67350,20 +43905,14 @@ spec: type: array type: object owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a network.azure.com/VirtualNetwork resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object privateEndpointNetworkPolicies: - description: 'PrivateEndpointNetworkPolicies: Enable or Disable apply network policies on private end point in the subnet.' enum: - Disabled - Enabled 
@@ -67371,105 +43920,69 @@ spec: - RouteTableEnabled type: string privateLinkServiceNetworkPolicies: - description: 'PrivateLinkServiceNetworkPolicies: Enable or Disable apply network policies on private link service in the subnet.' enum: - Disabled - Enabled type: string routeTable: - description: 'RouteTable: The reference to the RouteTable resource.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object serviceEndpointPolicies: - description: 'ServiceEndpointPolicies: An array of service endpoint policies.' items: - description: Service End point policy resource. properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. 
pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array serviceEndpoints: - description: 'ServiceEndpoints: An array of service endpoints.' items: - description: The service endpoint properties. properties: locations: - description: 'Locations: A list of locations.' items: type: string type: array networkIdentifier: - description: 'NetworkIdentifier: SubResource as network identifier.' properties: reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object service: - description: 'Service: The type of the endpoint service.' type: string type: object type: array sharingScope: - description: |- - SharingScope: Set this property to Tenant to allow sharing subnet with other subscriptions in your AAD tenant. 
This - property can only be set if defaultOutboundAccess is set to false, both properties can only be set if subnet is empty. enum: - DelegatedServices - Tenant 
@@ -67480,59 +43993,36 @@ spec: status: properties: addressPrefix: - description: 'AddressPrefix: The address prefix for the subnet.' type: string addressPrefixes: - description: 'AddressPrefixes: List of address prefixes for the subnet.' items: type: string type: array applicationGatewayIPConfigurations: - description: 'ApplicationGatewayIPConfigurations: Application gateway IP configurations of virtual network resource.' items: - description: IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array conditions: - description: 'Conditions: The observed state of the resource' items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. 
- For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -67542,188 +44032,127 @@ spec: type: object type: array defaultOutboundAccess: - description: |- - DefaultOutboundAccess: Set this property to false to disable default outbound connectivity for all VMs in the subnet. - This property can only be set at the time of subnet creation and cannot be updated for an existing subnet. type: boolean delegations: - description: 'Delegations: An array of references to the delegations on the subnet.' items: - description: Details the service to which the subnet is delegated. properties: actions: - description: 'Actions: The actions permitted to the service upon delegation.' items: type: string type: array etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string id: - description: 'Id: Resource ID.' type: string name: - description: 'Name: The name of the resource that is unique within a subnet. This name can be used to access the resource.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the service delegation resource.' type: string serviceName: - description: 'ServiceName: The name of the service to whom the subnet should be delegated (e.g. Microsoft.Sql/servers).' type: string type: - description: 'Type: Resource type.' type: string type: object type: array etag: - description: 'Etag: A unique read-only string that changes whenever the resource is updated.' type: string id: - description: 'Id: Resource ID.' type: string ipAllocations: - description: 'IpAllocations: Array of IpAllocation which reference this subnet.' items: - description: Reference to another subresource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array ipConfigurationProfiles: - description: 'IpConfigurationProfiles: Array of IP configuration profiles which reference this subnet.' items: - description: IP configuration profile child resource. properties: id: - description: 'Id: Resource ID.' 
type: string type: object type: array ipConfigurations: - description: |- - IpConfigurations: An array of references to the network interface IP configurations using subnet. This field is not - included if there are more than 2000 entries. items: - description: IP configuration. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array name: - description: 'Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.' type: string natGateway: - description: 'NatGateway: Nat gateway associated with this subnet.' properties: id: - description: 'Id: Resource ID.' type: string type: object networkSecurityGroup: - description: 'NetworkSecurityGroup: The reference to the NetworkSecurityGroup resource.' properties: id: - description: 'Id: Resource ID.' type: string type: object privateEndpointNetworkPolicies: - description: 'PrivateEndpointNetworkPolicies: Enable or Disable apply network policies on private end point in the subnet.' type: string privateEndpoints: - description: 'PrivateEndpoints: An array of references to private endpoints.' items: - description: Private endpoint resource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array privateLinkServiceNetworkPolicies: - description: 'PrivateLinkServiceNetworkPolicies: Enable or Disable apply network policies on private link service in the subnet.' type: string provisioningState: - description: 'ProvisioningState: The provisioning state of the subnet resource.' type: string purpose: - description: |- - Purpose: A read-only string identifying the intention of use for this subnet based on delegations and other user-defined - properties. type: string resourceNavigationLinks: - description: 'ResourceNavigationLinks: An array of references to the external resources using subnet.' items: - description: ResourceNavigationLink resource. 
properties: id: - description: 'Id: Resource navigation link identifier.' type: string type: object type: array routeTable: - description: 'RouteTable: The reference to the RouteTable resource.' properties: id: - description: 'Id: Resource ID.' type: string type: object serviceAssociationLinks: - description: 'ServiceAssociationLinks: An array of references to services injecting into this subnet.' items: - description: ServiceAssociationLink resource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array serviceEndpointPolicies: - description: 'ServiceEndpointPolicies: An array of service endpoint policies.' items: - description: Service End point policy resource. properties: id: - description: 'Id: Resource ID.' type: string type: object type: array serviceEndpoints: - description: 'ServiceEndpoints: An array of service endpoints.' items: - description: The service endpoint properties. properties: locations: - description: 'Locations: A list of locations.' items: type: string type: array networkIdentifier: - description: 'NetworkIdentifier: SubResource as network identifier.' properties: id: - description: 'Id: Resource ID.' type: string type: object provisioningState: - description: 'ProvisioningState: The provisioning state of the service endpoint resource.' type: string service: - description: 'Service: The type of the endpoint service.' type: string type: object type: array sharingScope: - description: |- - SharingScope: Set this property to Tenant to allow sharing subnet with other subscriptions in your AAD tenant. This - property can only be set if defaultOutboundAccess is set to false, both properties can only be set if subnet is empty. type: string type: - description: 'Type: Resource type.' type: string type: object type: object 
@@ -67747,38 +44176,18 @@ spec: name: v1api20240301storage schema: openAPIV3Schema: - description: |- - Storage version of v1api20240301.VirtualNetworksSubnet - Generator information: - - Generated from: /network/resource-manager/Microsoft.Network/stable/2024-03-01/virtualNetwork.json - - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: Storage version of v1api20240301.VirtualNetworksSubnet_Spec properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressPrefix: type: string 
@@ -67788,58 +44197,35 @@ spec: type: array applicationGatewayIPConfigurations: items: - description: |- - Storage version of v1api20240301.ApplicationGatewayIPConfiguration_VirtualNetworks_Subnet_SubResourceEmbedded - IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array azureName: - description: |- - AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it - doesn't have to be. type: string defaultOutboundAccess: type: boolean delegations: items: - description: |- - Storage version of v1api20240301.Delegation - Details the service to which the subnet is delegated. 
properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object name: type: string 
@@ -67849,140 +44235,77 @@ spec: type: array ipAllocations: items: - description: |- - Storage version of v1api20240301.SubResource - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array natGateway: - description: |- - Storage version of v1api20240301.SubResource - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object networkSecurityGroup: - description: |- - Storage version of v1api20240301.NetworkSecurityGroupSpec_VirtualNetworks_Subnet_SubResourceEmbedded - NetworkSecurityGroup resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. 
type: string type: object type: object operatorSpec: - description: |- - Storage version of v1api20240301.VirtualNetworksSubnetOperatorSpec - Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object configMapExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name 
@@ -67991,27 +44314,12 @@ spec: type: array secretExpressions: items: - description: |- - DestinationExpression is a CEL expression and a destination to store the result in. The destination may - be a secret or a configmap. The value of the expression is stored at the specified location in - the destination. properties: key: - description: |- - Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string - this is required to identify what key to write to. If the CEL expression in Value returns a map[string]string - Key must not be set, instead the keys written will be determined dynamically based on the keys of the resulting - map[string]string. type: string name: - description: |- - Name is the name of the Kubernetes configmap or secret to write to. - The configmap or secret will be created in the same namespace as the resource. type: string value: - description: |- - Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information - on CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/ type: string required: - name @@ -68022,16 +44330,11 @@ spec: originalVersion: type: string owner: - description: |- - Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also - controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a - reference to a network.azure.com/VirtualNetwork resource properties: armId: pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string name: - description: This is the name of the Kubernetes resource to reference. type: string type: object privateEndpointNetworkPolicies: 
@@ -68039,120 +44342,72 @@ spec: privateLinkServiceNetworkPolicies: type: string routeTable: - description: |- - Storage version of v1api20240301.RouteTableSpec_VirtualNetworks_Subnet_SubResourceEmbedded - Route table resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object serviceEndpointPolicies: items: - description: |- - Storage version of v1api20240301.ServiceEndpointPolicySpec_VirtualNetworks_Subnet_SubResourceEmbedded - Service End point policy resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' 
properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object type: array serviceEndpoints: items: - description: |- - Storage version of v1api20240301.ServiceEndpointPropertiesFormat - The service endpoint properties. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object locations: items: type: string type: array networkIdentifier: - description: |- - Storage version of v1api20240301.SubResource - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object reference: - description: 'Reference: Resource ID.' properties: armId: - description: |- - ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. 
- The /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level - ARMID is mutually exclusive with Group, Kind, Namespace and Name. pattern: (?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$) type: string group: - description: Group is the Kubernetes group of the resource. type: string kind: - description: Kind is the Kubernetes kind of the resource. type: string name: - description: Name is the Kubernetes name of the resource. type: string type: object type: object @@ -68166,14 +44421,10 @@ spec: - owner type: object status: - description: Storage version of v1api20240301.VirtualNetworksSubnet_STATUS properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object addressPrefix: type: string @@ -68183,16 +44434,10 @@ spec: type: array applicationGatewayIPConfigurations: items: - description: |- - Storage version of v1api20240301.ApplicationGatewayIPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded - IP configuration of an application gateway. Currently 1 public and 1 private IP configuration is allowed. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -68200,39 +44445,22 @@ spec: type: array conditions: items: - description: Condition defines an extension to status (an observation) of a resource properties: lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This field may be empty. type: string observedGeneration: - description: |- - ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. format: int64 type: integer reason: - description: |- - Reason for the condition's last transition. - Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. type: string severity: - description: |- - Severity with which to treat failures of this type of condition. - For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True - For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. - This is omitted in all cases when Status == Unknown type: string status: - description: Status of the condition, one of True, False, or Unknown. type: string type: - description: Type of condition. type: string required: - lastTransitionTime 
@@ -68245,16 +44473,10 @@ spec: type: boolean delegations: items: - description: |- - Storage version of v1api20240301.Delegation_STATUS - Details the service to which the subnet is delegated. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object actions: items: @@ -68280,16 +44502,10 @@ spec: type: string ipAllocations: items: - description: |- - Storage version of v1api20240301.SubResource_STATUS - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -68297,16 +44513,10 @@ spec: type: array ipConfigurationProfiles: items: - description: |- - Storage version of v1api20240301.IPConfigurationProfile_STATUS - IP configuration profile child resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -68314,16 +44524,10 @@ spec: type: array ipConfigurations: items: - description: |- - Storage version of v1api20240301.IPConfiguration_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded - IP configuration. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -68332,31 +44536,19 @@ spec: name: type: string natGateway: - description: |- - Storage version of v1api20240301.SubResource_STATUS - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string type: object networkSecurityGroup: - description: |- - Storage version of v1api20240301.NetworkSecurityGroup_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded - NetworkSecurityGroup resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -68365,16 +44557,10 @@ spec: type: string privateEndpoints: items: - description: |- - Storage version of v1api20240301.PrivateEndpoint_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded - Private endpoint resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -68388,48 +44574,30 @@ spec: type: string resourceNavigationLinks: items: - description: |- - Storage version of v1api20240301.ResourceNavigationLink_STATUS - ResourceNavigationLink resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string type: object type: array routeTable: - description: |- - Storage version of v1api20240301.RouteTable_STATUS_SubResourceEmbedded - Route table resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string type: object serviceAssociationLinks: items: - description: |- - Storage version of v1api20240301.ServiceAssociationLink_STATUS - ServiceAssociationLink resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string @@ -68437,16 +44605,10 @@ spec: type: array serviceEndpointPolicies: items: - description: |- - Storage version of v1api20240301.ServiceEndpointPolicy_STATUS_VirtualNetworks_Subnet_SubResourceEmbedded - Service End point policy resource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string 
@@ -68454,32 +44616,20 @@ spec: type: array serviceEndpoints: items: - description: |- - Storage version of v1api20240301.ServiceEndpointPropertiesFormat_STATUS - The service endpoint properties. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object locations: items: type: string type: array networkIdentifier: - description: |- - Storage version of v1api20240301.SubResource_STATUS - Reference to another subresource. properties: $propertyBag: additionalProperties: type: string - description: |- - PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage - resources, allowing for full fidelity round trip conversions type: object id: type: string