// Code generated by azure-service-operator-codegen. DO NOT EDIT.
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT license.
package v1api20230202preview
import "github.com/Azure/azure-service-operator/v2/pkg/genruntime"
// ManagedCluster_Spec_ARM is the top-level payload type for a managed cluster. Elsewhere in this file it is asserted to
// satisfy genruntime.ARMResourceSpec and its GetType method reports "Microsoft.ContainerService/managedClusters".
// NOTE(review): Tags has no omitempty, so under encoding/json a nil map is emitted as "tags": null rather than omitted.
type ManagedCluster_Spec_ARM struct {
// ExtendedLocation: The extended location of the Virtual Machine.
ExtendedLocation *ExtendedLocation_ARM `json:"extendedLocation,omitempty"`
// Identity: The identity of the managed cluster, if configured.
Identity *ManagedClusterIdentity_ARM `json:"identity,omitempty"`
// Location: The geo-location where the resource lives
Location *string `json:"location,omitempty"`
// Name: returned verbatim by GetName. The generator supplies no description for this field.
Name string `json:"name,omitempty"`
// Properties: Properties of a managed cluster.
Properties *ManagedClusterProperties_ARM `json:"properties,omitempty"`
// Sku: The managed cluster SKU.
Sku *ManagedClusterSKU_ARM `json:"sku,omitempty"`
// Tags: Resource tags.
Tags map[string]string `json:"tags"`
}
// Compile-time assertion that *ManagedCluster_Spec_ARM implements genruntime.ARMResourceSpec.
var _ genruntime.ARMResourceSpec = &ManagedCluster_Spec_ARM{}
// GetAPIVersion reports the ARM API version of the resource by converting the package-level APIVersion_Value to a
// string. The generator documents this value as always being "2023-02-02-preview".
func (cluster ManagedCluster_Spec_ARM) GetAPIVersion() string {
	version := string(APIVersion_Value)
	return version
}
// GetName reports the resource name, i.e. the receiver's Name field unchanged.
func (cluster *ManagedCluster_Spec_ARM) GetName() string {
	name := cluster.Name
	return name
}
// GetType reports the ARM resource type, which is the fixed string "Microsoft.ContainerService/managedClusters".
func (cluster *ManagedCluster_Spec_ARM) GetType() string {
	const armType = "Microsoft.ContainerService/managedClusters"
	return armType
}
// ExtendedLocation_ARM is the complex type of the extended location.
// Both fields are optional pointers; a nil pointer is omitted from the JSON output (omitempty).
type ExtendedLocation_ARM struct {
// Name: The name of the extended location.
Name *string `json:"name,omitempty"`
// Type: The type of the extended location.
Type *ExtendedLocationType `json:"type,omitempty"`
}
// ManagedClusterIdentity_ARM is the identity for the managed cluster.
type ManagedClusterIdentity_ARM struct {
// Type: For more information see [use managed identities in
// AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).
Type *ManagedClusterIdentity_Type `json:"type,omitempty"`
// UserAssignedIdentities: no generator description is present.
// NOTE(review): presumably keyed by the ARM resource ID of each user-assigned identity; confirm against the API spec.
UserAssignedIdentities map[string]UserAssignedIdentityDetails_ARM `json:"userAssignedIdentities,omitempty"`
}
// ManagedClusterProperties_ARM holds the properties of the managed cluster.
// Most fields are optional pointers tagged omitempty, so a nil pointer leaves the key out of the JSON output entirely.
// NOTE(review): AddonProfiles, AgentPoolProfiles, IdentityProfile and PrivateLinkResources have no omitempty; under
// encoding/json a nil map or slice in those fields is emitted as null.
// NOTE(review): for security-relevant switches (DisableLocalAccounts, EnableRBAC, PublicNetworkAccess) a nil pointer
// omits the key, so the effective value is whatever the service defaults to; confirm those defaults before relying on
// an unset field.
type ManagedClusterProperties_ARM struct {
// AadProfile: The Azure Active Directory configuration.
AadProfile *ManagedClusterAADProfile_ARM `json:"aadProfile,omitempty"`
// AddonProfiles: The profile of managed cluster add-on.
AddonProfiles map[string]ManagedClusterAddonProfile_ARM `json:"addonProfiles"`
// AgentPoolProfiles: The agent pool properties.
AgentPoolProfiles []ManagedClusterAgentPoolProfile_ARM `json:"agentPoolProfiles"`
// ApiServerAccessProfile: The access profile for managed cluster API server.
ApiServerAccessProfile *ManagedClusterAPIServerAccessProfile_ARM `json:"apiServerAccessProfile,omitempty"`
// AutoScalerProfile: Parameters to be applied to the cluster-autoscaler when enabled
AutoScalerProfile *ManagedClusterProperties_AutoScalerProfile_ARM `json:"autoScalerProfile,omitempty"`
// AutoUpgradeProfile: The auto upgrade configuration.
AutoUpgradeProfile *ManagedClusterAutoUpgradeProfile_ARM `json:"autoUpgradeProfile,omitempty"`
// AzureMonitorProfile: Prometheus addon profile for the container service cluster
AzureMonitorProfile *ManagedClusterAzureMonitorProfile_ARM `json:"azureMonitorProfile,omitempty"`
// CreationData: CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a
// snapshot.
CreationData *CreationData_ARM `json:"creationData,omitempty"`
// DisableLocalAccounts: If set to true, getting static credentials will be disabled for this cluster. This must only be
// used on Managed Clusters that are AAD enabled. For more details see [disable local
// accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).
DisableLocalAccounts *bool `json:"disableLocalAccounts,omitempty"`
// DiskEncryptionSetID: no generator description is present.
// NOTE(review): presumably the ARM resource ID of a disk encryption set; confirm against the API spec.
DiskEncryptionSetID *string `json:"diskEncryptionSetID,omitempty"`
// DnsPrefix: This cannot be updated once the Managed Cluster has been created.
DnsPrefix *string `json:"dnsPrefix,omitempty"`
// EnableNamespaceResources: The default value is false. It can be enabled/disabled on creation and updating of the managed
// cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as
// a ARM Resource.
EnableNamespaceResources *bool `json:"enableNamespaceResources,omitempty"`
// EnablePodSecurityPolicy: (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was
// deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and
// https://aka.ms/aks/psp.
EnablePodSecurityPolicy *bool `json:"enablePodSecurityPolicy,omitempty"`
// EnableRBAC: Whether to enable Kubernetes Role-Based Access Control.
EnableRBAC *bool `json:"enableRBAC,omitempty"`
// FqdnSubdomain: This cannot be updated once the Managed Cluster has been created.
FqdnSubdomain *string `json:"fqdnSubdomain,omitempty"`
// GuardrailsProfile: The guardrails profile holds all the guardrails information for a given cluster
GuardrailsProfile *GuardrailsProfile_ARM `json:"guardrailsProfile,omitempty"`
// HttpProxyConfig: Configurations for provisioning the cluster with HTTP proxy servers.
HttpProxyConfig *ManagedClusterHTTPProxyConfig_ARM `json:"httpProxyConfig,omitempty"`
// IdentityProfile: Identities associated with the cluster.
IdentityProfile map[string]UserAssignedIdentity_ARM `json:"identityProfile"`
// IngressProfile: Ingress profile for the managed cluster.
IngressProfile *ManagedClusterIngressProfile_ARM `json:"ingressProfile,omitempty"`
// KubernetesVersion: When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades
// must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x ->
// 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS
// cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.
KubernetesVersion *string `json:"kubernetesVersion,omitempty"`
// LinuxProfile: The profile for Linux VMs in the Managed Cluster.
LinuxProfile *ContainerServiceLinuxProfile_ARM `json:"linuxProfile,omitempty"`
// NetworkProfile: The network configuration profile.
NetworkProfile *ContainerServiceNetworkProfile_ARM `json:"networkProfile,omitempty"`
// NodeResourceGroup: The name of the resource group containing agent pool nodes.
NodeResourceGroup *string `json:"nodeResourceGroup,omitempty"`
// NodeResourceGroupProfile: The node resource group configuration profile.
NodeResourceGroupProfile *ManagedClusterNodeResourceGroupProfile_ARM `json:"nodeResourceGroupProfile,omitempty"`
// OidcIssuerProfile: The OIDC issuer profile of the Managed Cluster.
OidcIssuerProfile *ManagedClusterOIDCIssuerProfile_ARM `json:"oidcIssuerProfile,omitempty"`
// PodIdentityProfile: See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more
// details on AAD pod identity integration.
PodIdentityProfile *ManagedClusterPodIdentityProfile_ARM `json:"podIdentityProfile,omitempty"`
// PrivateLinkResources: Private link resources associated with the cluster.
PrivateLinkResources []PrivateLinkResource_ARM `json:"privateLinkResources"`
// PublicNetworkAccess: Allow or deny public network access for AKS
PublicNetworkAccess *ManagedClusterProperties_PublicNetworkAccess `json:"publicNetworkAccess,omitempty"`
// SecurityProfile: Security profile for the managed cluster.
SecurityProfile *ManagedClusterSecurityProfile_ARM `json:"securityProfile,omitempty"`
// ServiceMeshProfile: Service mesh profile for a managed cluster.
ServiceMeshProfile *ServiceMeshProfile_ARM `json:"serviceMeshProfile,omitempty"`
// ServicePrincipalProfile: Information about a service principal identity for the cluster to use for manipulating Azure
// APIs.
// NOTE(review): the referenced type is not visible here; if it carries a client secret, values of this struct should be
// kept out of logs and debug dumps. Confirm against the type's definition.
ServicePrincipalProfile *ManagedClusterServicePrincipalProfile_ARM `json:"servicePrincipalProfile,omitempty"`
// StorageProfile: Storage profile for the managed cluster.
StorageProfile *ManagedClusterStorageProfile_ARM `json:"storageProfile,omitempty"`
// UpgradeSettings: Settings for upgrading a cluster.
UpgradeSettings *ClusterUpgradeSettings_ARM `json:"upgradeSettings,omitempty"`
// WindowsProfile: The profile for Windows VMs in the Managed Cluster.
WindowsProfile *ManagedClusterWindowsProfile_ARM `json:"windowsProfile,omitempty"`
// WorkloadAutoScalerProfile: Workload Auto-scaler profile for the managed cluster.
WorkloadAutoScalerProfile *ManagedClusterWorkloadAutoScalerProfile_ARM `json:"workloadAutoScalerProfile,omitempty"`
}
// ManagedClusterSKU_ARM is the SKU of a Managed Cluster.
// Both fields are optional pointers; a nil pointer is omitted from the JSON output (omitempty).
type ManagedClusterSKU_ARM struct {
// Name: The name of a managed cluster SKU.
Name *ManagedClusterSKU_Name `json:"name,omitempty"`
// Tier: If not specified, the default is 'Free'. See [AKS Pricing
// Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.
Tier *ManagedClusterSKU_Tier `json:"tier,omitempty"`
}
// ClusterUpgradeSettings_ARM holds the settings for upgrading a cluster.
type ClusterUpgradeSettings_ARM struct {
// OverrideSettings: Settings for overrides.
// The referenced type is defined outside this view; a nil pointer is omitted from the JSON output (omitempty).
OverrideSettings *UpgradeOverrideSettings_ARM `json:"overrideSettings,omitempty"`
}
// ContainerServiceLinuxProfile_ARM is the profile for Linux VMs in the container service cluster.
type ContainerServiceLinuxProfile_ARM struct {
// AdminUsername: The administrator username to use for Linux VMs.
AdminUsername *string `json:"adminUsername,omitempty"`
// Ssh: The SSH configuration for Linux-based VMs running on Azure.
// NOTE(review): the referenced type is not visible here; presumably it carries public keys only; confirm that no
// private key material is expected in it.
Ssh *ContainerServiceSshConfiguration_ARM `json:"ssh,omitempty"`
}
// ContainerServiceNetworkProfile_ARM is the profile of network configuration.
// NOTE(review): IpFamilies, PodCidrs and ServiceCidrs have no omitempty; under encoding/json a nil slice in those
// fields is emitted as null rather than omitted.
// NOTE(review): the CIDR and IP fields are plain strings; nothing in this type validates their format or the
// non-overlap constraints described below, so any such checks must happen elsewhere.
type ContainerServiceNetworkProfile_ARM struct {
// DnsServiceIP: An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address
// range specified in serviceCidr.
DnsServiceIP *string `json:"dnsServiceIP,omitempty"`
// DockerBridgeCidr: A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP
// ranges or the Kubernetes service address range.
DockerBridgeCidr *string `json:"dockerBridgeCidr,omitempty"`
// IpFamilies: IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value
// is IPv4. For dual-stack, the expected values are IPv4 and IPv6.
IpFamilies []ContainerServiceNetworkProfile_IpFamilies `json:"ipFamilies"`
// KubeProxyConfig: Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy
// defaulting behavior. See https://v<version>.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/
// where <version> is represented by a <major version>-<minor version> string. Kubernetes version 1.23 would be '1-23'.
KubeProxyConfig *ContainerServiceNetworkProfile_KubeProxyConfig_ARM `json:"kubeProxyConfig,omitempty"`
// LoadBalancerProfile: Profile of the cluster load balancer.
LoadBalancerProfile *ManagedClusterLoadBalancerProfile_ARM `json:"loadBalancerProfile,omitempty"`
// LoadBalancerSku: The default is 'standard'. See [Azure Load Balancer
// SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load
// balancer SKUs.
LoadBalancerSku *LoadBalancerSku `json:"loadBalancerSku,omitempty"`
// NatGatewayProfile: Profile of the cluster NAT gateway.
NatGatewayProfile *ManagedClusterNATGatewayProfile_ARM `json:"natGatewayProfile,omitempty"`
// NetworkDataplane: Network dataplane used in the Kubernetes cluster.
NetworkDataplane *NetworkDataplane `json:"networkDataplane,omitempty"`
// NetworkMode: This cannot be specified if networkPlugin is anything other than 'azure'.
NetworkMode *NetworkMode `json:"networkMode,omitempty"`
// NetworkPlugin: Network plugin used for building the Kubernetes network.
NetworkPlugin *NetworkPlugin `json:"networkPlugin,omitempty"`
// NetworkPluginMode: Network plugin mode used for building the Kubernetes network.
NetworkPluginMode *NetworkPluginMode `json:"networkPluginMode,omitempty"`
// NetworkPolicy: Network policy used for building the Kubernetes network.
// NOTE(review): a nil pointer omits the key; whether any network policy engine is then active is decided by the
// service. Confirm the default.
NetworkPolicy *NetworkPolicy `json:"networkPolicy,omitempty"`
// OutboundType: This can only be set at cluster creation time and cannot be changed later. For more information see
// [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).
OutboundType *ContainerServiceNetworkProfile_OutboundType `json:"outboundType,omitempty"`
// PodCidr: A CIDR notation IP range from which to assign pod IPs when kubenet is used.
PodCidr *string `json:"podCidr,omitempty"`
// PodCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is
// expected for dual-stack networking.
PodCidrs []string `json:"podCidrs"`
// ServiceCidr: A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP
// ranges.
ServiceCidr *string `json:"serviceCidr,omitempty"`
// ServiceCidrs: One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is
// expected for dual-stack networking. They must not overlap with any Subnet IP ranges.
ServiceCidrs []string `json:"serviceCidrs"`
}
// CreationData_ARM is the data used when creating a target resource from a source resource.
type CreationData_ARM struct {
// SourceResourceId: no generator description is present.
// NOTE(review): presumably the ARM resource ID of the source (the CreationData field comments elsewhere in this
// file mention a source Snapshot ID); confirm against the API spec.
SourceResourceId *string `json:"sourceResourceId,omitempty"`
}
// ExtendedLocationType is the type of extendedLocation. The kubebuilder marker below restricts it to "EdgeZone".
// +kubebuilder:validation:Enum={"EdgeZone"}
type ExtendedLocationType string
// ExtendedLocationType_EdgeZone is the only value declared for ExtendedLocationType in this file.
const ExtendedLocationType_EdgeZone = ExtendedLocationType("EdgeZone")
// Mapping from string to ExtendedLocationType
// Keys are the lower-cased enum names.
// NOTE(review): presumably consulted for case-insensitive lookup; the consumer is not in this view.
var extendedLocationType_Values = map[string]ExtendedLocationType{
"edgezone": ExtendedLocationType_EdgeZone,
}
// GuardrailsProfile_ARM is the Guardrails profile.
// NOTE(review): ExcludedNamespaces has no omitempty; under encoding/json a nil slice is emitted as null. Every
// namespace listed there is exempt from guardrails checks per the field description, so additions deserve review.
type GuardrailsProfile_ARM struct {
// ExcludedNamespaces: List of namespaces excluded from guardrails checks
ExcludedNamespaces []string `json:"excludedNamespaces"`
// Level: The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS
// excludes via systemExcludedNamespaces
Level *GuardrailsProfile_Level `json:"level,omitempty"`
// Version: The version of constraints to use
Version *string `json:"version,omitempty"`
}
// ManagedClusterAADProfile_ARM is the Azure Active Directory profile of a managed cluster.
// For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).
// NOTE(review): ServerAppSecret is a plain *string that is marshalled under the "serverAppSecret" key, so any code
// that logs or dumps a value of this type will include the secret in clear text. Treat instances as sensitive.
// NOTE(review): AdminGroupObjectIDs has no omitempty; under encoding/json a nil slice is emitted as null.
type ManagedClusterAADProfile_ARM struct {
// AdminGroupObjectIDs: The list of AAD group object IDs that will have admin role of the cluster.
AdminGroupObjectIDs []string `json:"adminGroupObjectIDs"`
// ClientAppID: (DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.
ClientAppID *string `json:"clientAppID,omitempty"`
// EnableAzureRBAC: Whether to enable Azure RBAC for Kubernetes authorization.
EnableAzureRBAC *bool `json:"enableAzureRBAC,omitempty"`
// Managed: Whether to enable managed AAD.
Managed *bool `json:"managed,omitempty"`
// ServerAppID: (DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.
ServerAppID *string `json:"serverAppID,omitempty"`
// ServerAppSecret: (DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.
ServerAppSecret *string `json:"serverAppSecret,omitempty"`
// TenantID: The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment
// subscription.
TenantID *string `json:"tenantID,omitempty"`
}
// ManagedClusterAddonProfile_ARM is a Kubernetes add-on profile for a managed cluster.
// NOTE(review): Config has no omitempty; under encoding/json a nil map is emitted as null.
type ManagedClusterAddonProfile_ARM struct {
// Config: Key-value pairs for configuring an add-on.
// NOTE(review): values are free-form strings; whether any add-on expects credentials here is not visible in this
// file, so confirm before logging this map.
Config map[string]string `json:"config"`
// Enabled: Whether the add-on is enabled or not.
Enabled *bool `json:"enabled,omitempty"`
}
// ManagedClusterAgentPoolProfile_ARM is the profile for the container service agent pool.
// Most fields are optional pointers tagged omitempty, so a nil pointer leaves the key out of the JSON output.
// NOTE(review): AvailabilityZones, NodeLabels, NodeTaints and Tags have no omitempty; under encoding/json a nil
// slice or map in those fields is emitted as null.
// NOTE(review): several *ID fields below carry no generator description; they are presumably ARM resource IDs.
// Confirm against the API spec.
type ManagedClusterAgentPoolProfile_ARM struct {
// AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType
// property is 'VirtualMachineScaleSets'.
AvailabilityZones []string `json:"availabilityZones"`
// CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.
CapacityReservationGroupID *string `json:"capacityReservationGroupID,omitempty"`
// Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive)
// for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.
Count *int `json:"count,omitempty"`
// CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using
// a snapshot.
CreationData *CreationData_ARM `json:"creationData,omitempty"`
// EnableAutoScaling: Whether to enable auto-scaler
EnableAutoScaling *bool `json:"enableAutoScaling,omitempty"`
// EnableCustomCATrust: When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a
// daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded
// certificates into node trust stores. Defaults to false.
EnableCustomCATrust *bool `json:"enableCustomCATrust,omitempty"`
// EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information,
// see: https://docs.microsoft.com/azure/aks/enable-host-encryption
EnableEncryptionAtHost *bool `json:"enableEncryptionAtHost,omitempty"`
// EnableFIPS: See [Add a FIPS-enabled node
// pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more
// details.
EnableFIPS *bool `json:"enableFIPS,omitempty"`
// EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses.
// A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine
// to minimize hops. For more information see [assigning a public IP per
// node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The
// default is false.
EnableNodePublicIP *bool `json:"enableNodePublicIP,omitempty"`
// EnableUltraSSD: Whether to enable UltraSSD
EnableUltraSSD *bool `json:"enableUltraSSD,omitempty"`
// GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.
GpuInstanceProfile *GPUInstanceProfile `json:"gpuInstanceProfile,omitempty"`
// HostGroupID: no generator description is present.
HostGroupID *string `json:"hostGroupID,omitempty"`
// KubeletConfig: The Kubelet configuration on the agent pool nodes.
KubeletConfig *KubeletConfig_ARM `json:"kubeletConfig,omitempty"`
// KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral
// storage.
KubeletDiskType *KubeletDiskType `json:"kubeletDiskType,omitempty"`
// LinuxOSConfig: The OS configuration of Linux agent nodes.
LinuxOSConfig *LinuxOSConfig_ARM `json:"linuxOSConfig,omitempty"`
// MaxCount: The maximum number of nodes for auto-scaling
MaxCount *int `json:"maxCount,omitempty"`
// MaxPods: The maximum number of pods that can run on a node.
MaxPods *int `json:"maxPods,omitempty"`
// MessageOfTheDay: A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of
// the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e.,
// will be printed raw and not be executed as a script).
MessageOfTheDay *string `json:"messageOfTheDay,omitempty"`
// MinCount: The minimum number of nodes for auto-scaling
MinCount *int `json:"minCount,omitempty"`
// Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool
// restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools
Mode *AgentPoolMode `json:"mode,omitempty"`
// Name: Windows agent pool names must be 6 characters or less.
Name *string `json:"name,omitempty"`
// NetworkProfile: Network-related settings of an agent pool.
NetworkProfile *AgentPoolNetworkProfile_ARM `json:"networkProfile,omitempty"`
// NodeLabels: The node labels to be persisted across all nodes in agent pool.
NodeLabels map[string]string `json:"nodeLabels"`
// NodePublicIPPrefixID: no generator description is present.
NodePublicIPPrefixID *string `json:"nodePublicIPPrefixID,omitempty"`
// NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.
NodeTaints []string `json:"nodeTaints"`
// OrchestratorVersion: Both patch version <major.minor.patch> and <major.minor> are supported. When <major.minor> is
// specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same
// <major.minor> once it has been created will not trigger an upgrade, even if a newer patch version is available. As a
// best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version
// must have the same major version as the control plane. The node pool minor version must be within two minor versions of
// the control plane version. The node pool version cannot be greater than the control plane version. For more information
// see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).
OrchestratorVersion *string `json:"orchestratorVersion,omitempty"`
// OsDiskSizeGB: no generator description is present; the ContainerServiceOSDisk type is defined outside this view.
OsDiskSizeGB *ContainerServiceOSDisk `json:"osDiskSizeGB,omitempty"`
// OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested
// OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral
// OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).
OsDiskType *OSDiskType `json:"osDiskType,omitempty"`
// OsSKU: Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or
// Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is
// deprecated.
OsSKU *OSSKU `json:"osSKU,omitempty"`
// OsType: The operating system type. The default is Linux.
OsType *OSType `json:"osType,omitempty"`
// PodSubnetID: no generator description is present.
PodSubnetID *string `json:"podSubnetID,omitempty"`
// PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this
// field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only
// be stopped if it is Running and provisioning state is Succeeded
PowerState *PowerState_ARM `json:"powerState,omitempty"`
// ProximityPlacementGroupID: no generator description is present.
ProximityPlacementGroupID *string `json:"proximityPlacementGroupID,omitempty"`
// ScaleDownMode: This also affects the cluster autoscaler behavior. If not specified, it defaults to Delete.
ScaleDownMode *ScaleDownMode `json:"scaleDownMode,omitempty"`
// ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is
// 'Delete'.
ScaleSetEvictionPolicy *ScaleSetEvictionPolicy `json:"scaleSetEvictionPolicy,omitempty"`
// ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.
ScaleSetPriority *ScaleSetPriority `json:"scaleSetPriority,omitempty"`
// SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any
// on-demand price. For more details on spot pricing, see [spot VMs
// pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)
SpotMaxPrice *float64 `json:"spotMaxPrice,omitempty"`
// Tags: The tags to be persisted on the agent pool virtual machine scale set.
Tags map[string]string `json:"tags"`
// Type: The type of Agent Pool.
Type *AgentPoolType `json:"type,omitempty"`
// UpgradeSettings: Settings for upgrading the agentpool
UpgradeSettings *AgentPoolUpgradeSettings_ARM `json:"upgradeSettings,omitempty"`
// VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods
// might fail to run correctly. For more details on restricted VM sizes, see:
// https://docs.microsoft.com/azure/aks/quotas-skus-regions
VmSize *string `json:"vmSize,omitempty"`
// VnetSubnetID: no generator description is present.
VnetSubnetID *string `json:"vnetSubnetID,omitempty"`
// WindowsProfile: The Windows agent pool's specific profile.
WindowsProfile *AgentPoolWindowsProfile_ARM `json:"windowsProfile,omitempty"`
// WorkloadRuntime: Determines the type of workload a node can run.
WorkloadRuntime *WorkloadRuntime `json:"workloadRuntime,omitempty"`
}
// ManagedClusterAPIServerAccessProfile_ARM is the access profile for managed cluster API server.
// NOTE(review): AuthorizedIPRanges has no omitempty; under encoding/json a nil slice is emitted as
// "authorizedIPRanges": null. How the service treats null versus an empty list is not visible here; confirm that
// an unset field cannot be read as "no restriction" unintentionally.
// NOTE(review): the boolean switches are optional pointers; a nil pointer omits the key and leaves the value to the
// service default.
type ManagedClusterAPIServerAccessProfile_ARM struct {
// AuthorizedIPRanges: IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with
// clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API
// server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).
AuthorizedIPRanges []string `json:"authorizedIPRanges"`
// DisableRunCommand: Whether to disable run command for the cluster or not.
DisableRunCommand *bool `json:"disableRunCommand,omitempty"`
// EnablePrivateCluster: For more details, see [Creating a private AKS
// cluster](https://docs.microsoft.com/azure/aks/private-clusters).
EnablePrivateCluster *bool `json:"enablePrivateCluster,omitempty"`
// EnablePrivateClusterPublicFQDN: Whether to create additional public FQDN for private cluster or not.
EnablePrivateClusterPublicFQDN *bool `json:"enablePrivateClusterPublicFQDN,omitempty"`
// EnableVnetIntegration: Whether to enable apiserver vnet integration for the cluster or not.
EnableVnetIntegration *bool `json:"enableVnetIntegration,omitempty"`
// PrivateDNSZone: The default is System. For more details see [configure private DNS
// zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and
// 'none'.
PrivateDNSZone *string `json:"privateDNSZone,omitempty"`
// SubnetId: It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable
// apiserver vnet integration.
SubnetId *string `json:"subnetId,omitempty"`
}
// ManagedClusterAutoUpgradeProfile_ARM is the auto upgrade profile for a managed cluster.
// Both fields are optional pointers; a nil pointer is omitted from the JSON output (omitempty).
type ManagedClusterAutoUpgradeProfile_ARM struct {
// NodeOSUpgradeChannel: The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.
NodeOSUpgradeChannel *ManagedClusterAutoUpgradeProfile_NodeOSUpgradeChannel `json:"nodeOSUpgradeChannel,omitempty"`
// UpgradeChannel: For more information see [setting the AKS cluster auto-upgrade
// channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).
UpgradeChannel *ManagedClusterAutoUpgradeProfile_UpgradeChannel `json:"upgradeChannel,omitempty"`
}
// ManagedClusterAzureMonitorProfile_ARM is the Prometheus addon profile for the container service cluster.
type ManagedClusterAzureMonitorProfile_ARM struct {
// Metrics: Metrics profile for the prometheus service addon
// The referenced type is defined outside this view; a nil pointer is omitted from the JSON output (omitempty).
Metrics *ManagedClusterAzureMonitorProfileMetrics_ARM `json:"metrics,omitempty"`
}
// ManagedClusterHTTPProxyConfig_ARM is the cluster HTTP proxy configuration.
// NOTE(review): NoProxy has no omitempty; under encoding/json a nil slice is emitted as null.
// NOTE(review): the proxy endpoints are plain strings; if a proxy URL embeds credentials they would appear in any
// log or dump of this struct. Whether that form is accepted is not visible here.
type ManagedClusterHTTPProxyConfig_ARM struct {
// HttpProxy: The HTTP proxy server endpoint to use.
HttpProxy *string `json:"httpProxy,omitempty"`
// HttpsProxy: The HTTPS proxy server endpoint to use.
HttpsProxy *string `json:"httpsProxy,omitempty"`
// NoProxy: The endpoints that should not go through proxy.
NoProxy []string `json:"noProxy"`
// TrustedCa: Alternative CA cert to use for connecting to proxy servers.
// NOTE(review): the expected encoding (PEM, base64, ...) is not stated in this file; confirm against the API spec.
TrustedCa *string `json:"trustedCa,omitempty"`
}
// ManagedClusterIdentity_Type is the string enum used by ManagedClusterIdentity_ARM.Type. The kubebuilder marker
// below restricts it to "None", "SystemAssigned" and "UserAssigned".
// +kubebuilder:validation:Enum={"None","SystemAssigned","UserAssigned"}
type ManagedClusterIdentity_Type string
// Declared values of ManagedClusterIdentity_Type; they match the Enum marker on the type one-for-one.
const (
ManagedClusterIdentity_Type_None = ManagedClusterIdentity_Type("None")
ManagedClusterIdentity_Type_SystemAssigned = ManagedClusterIdentity_Type("SystemAssigned")
ManagedClusterIdentity_Type_UserAssigned = ManagedClusterIdentity_Type("UserAssigned")
)
// Mapping from string to ManagedClusterIdentity_Type
// Keys are the lower-cased enum names.
// NOTE(review): presumably consulted for case-insensitive lookup; the consumer is not in this view.
var managedClusterIdentity_Type_Values = map[string]ManagedClusterIdentity_Type{
"none": ManagedClusterIdentity_Type_None,
"systemassigned": ManagedClusterIdentity_Type_SystemAssigned,
"userassigned": ManagedClusterIdentity_Type_UserAssigned,
}
// ManagedClusterIngressProfile_ARM is the ingress profile for the container service cluster.
type ManagedClusterIngressProfile_ARM struct {
	// WebAppRouting: Web App Routing settings for the ingress profile. Optional; a nil pointer is omitted from
	// the JSON.
	WebAppRouting *ManagedClusterIngressProfileWebAppRouting_ARM `json:"webAppRouting,omitempty"`
}
// ManagedClusterNodeResourceGroupProfile_ARM is the node resource group lockdown profile for a managed cluster.
type ManagedClusterNodeResourceGroupProfile_ARM struct {
	// RestrictionLevel: The restriction level applied to the cluster's node resource group.
	// The permitted levels are defined by ManagedClusterNodeResourceGroupProfile_RestrictionLevel, which is
	// declared outside this part of the file. A nil pointer is omitted from the JSON.
	RestrictionLevel *ManagedClusterNodeResourceGroupProfile_RestrictionLevel `json:"restrictionLevel,omitempty"`
}
// ManagedClusterOIDCIssuerProfile_ARM is the OIDC issuer profile of the Managed Cluster.
type ManagedClusterOIDCIssuerProfile_ARM struct {
	// Enabled: Whether the OIDC issuer is enabled. A nil pointer is omitted from the JSON, which is distinct
	// from sending an explicit false.
	Enabled *bool `json:"enabled,omitempty"`
}
// ManagedClusterPodIdentityProfile_ARM holds the pod identity settings of the managed cluster.
// See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod
// identity integration.
type ManagedClusterPodIdentityProfile_ARM struct {
	// AllowNetworkPluginKubenet: Running in Kubenet is disabled by default due to the security related nature of AAD Pod
	// Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod
	// Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities)
	// for more information.
	// Setting this to true is an explicit opt-in to the risk described above; treat it as a reviewed exception.
	AllowNetworkPluginKubenet *bool `json:"allowNetworkPluginKubenet,omitempty"`

	// Enabled: Whether the pod identity addon is enabled.
	Enabled *bool `json:"enabled,omitempty"`

	// UserAssignedIdentities: The pod identities to use in the cluster.
	// The tag has no omitempty, so a nil slice is serialized as JSON null rather than dropped.
	UserAssignedIdentities []ManagedClusterPodIdentity_ARM `json:"userAssignedIdentities"`

	// UserAssignedIdentityExceptions: The pod identity exceptions to allow.
	// The tag has no omitempty, so a nil slice is serialized as JSON null rather than dropped.
	UserAssignedIdentityExceptions []ManagedClusterPodIdentityException_ARM `json:"userAssignedIdentityExceptions"`
}
// ManagedClusterProperties_AutoScalerProfile_ARM carries the autoscaler parameters of the managed cluster.
// The JSON keys are kebab-case and every field except Expander is a *string, so the numeric, boolean and
// duration formats described on the fields are not enforced by this type.
type ManagedClusterProperties_AutoScalerProfile_ARM struct {
	// BalanceSimilarNodeGroups: Valid values are 'true' and 'false'
	BalanceSimilarNodeGroups *string `json:"balance-similar-node-groups,omitempty"`

	// Expander: If not specified, the default is 'random'. See
	// [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more
	// information.
	Expander *ManagedClusterProperties_AutoScalerProfile_Expander `json:"expander,omitempty"`

	// MaxEmptyBulkDelete: The default is 10.
	MaxEmptyBulkDelete *string `json:"max-empty-bulk-delete,omitempty"`

	// MaxGracefulTerminationSec: The default is 600.
	MaxGracefulTerminationSec *string `json:"max-graceful-termination-sec,omitempty"`

	// MaxNodeProvisionTime: The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than
	// minutes (m) is supported.
	MaxNodeProvisionTime *string `json:"max-node-provision-time,omitempty"`

	// MaxTotalUnreadyPercentage: The default is 45. The maximum is 100 and the minimum is 0.
	MaxTotalUnreadyPercentage *string `json:"max-total-unready-percentage,omitempty"`

	// NewPodScaleUpDelay: For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler
	// could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is
	// '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).
	NewPodScaleUpDelay *string `json:"new-pod-scale-up-delay,omitempty"`

	// OkTotalUnreadyCount: This must be an integer. The default is 3.
	OkTotalUnreadyCount *string `json:"ok-total-unready-count,omitempty"`

	// ScaleDownDelayAfterAdd: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than
	// minutes (m) is supported.
	ScaleDownDelayAfterAdd *string `json:"scale-down-delay-after-add,omitempty"`

	// ScaleDownDelayAfterDelete: The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of
	// time other than minutes (m) is supported.
	ScaleDownDelayAfterDelete *string `json:"scale-down-delay-after-delete,omitempty"`

	// ScaleDownDelayAfterFailure: The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other
	// than minutes (m) is supported.
	ScaleDownDelayAfterFailure *string `json:"scale-down-delay-after-failure,omitempty"`

	// ScaleDownUnneededTime: The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than
	// minutes (m) is supported.
	ScaleDownUnneededTime *string `json:"scale-down-unneeded-time,omitempty"`

	// ScaleDownUnreadyTime: The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than
	// minutes (m) is supported.
	ScaleDownUnreadyTime *string `json:"scale-down-unready-time,omitempty"`

	// ScaleDownUtilizationThreshold: The default is '0.5'.
	ScaleDownUtilizationThreshold *string `json:"scale-down-utilization-threshold,omitempty"`

	// ScanInterval: The default is '10'. Values must be an integer number of seconds.
	ScanInterval *string `json:"scan-interval,omitempty"`

	// SkipNodesWithLocalStorage: The default is true.
	SkipNodesWithLocalStorage *string `json:"skip-nodes-with-local-storage,omitempty"`

	// SkipNodesWithSystemPods: The default is true.
	SkipNodesWithSystemPods *string `json:"skip-nodes-with-system-pods,omitempty"`
}
// ManagedClusterSecurityProfile_ARM is the security profile for the container service cluster.
// Every field is optional (omitempty); a field left unset is not sent, so the corresponding feature keeps
// whatever state the service assigns by default.
type ManagedClusterSecurityProfile_ARM struct {
	// AzureKeyVaultKms: Azure Key Vault [key management
	// service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.
	AzureKeyVaultKms *AzureKeyVaultKms_ARM `json:"azureKeyVaultKms,omitempty"`

	// CustomCATrustCertificates: A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the
	// Custom CA Trust feature enabled. For more information see [Custom CA Trust
	// Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)
	// Each entry becomes a trust anchor on the affected nodes, so changes to this list deserve the same review
	// as any other trust-store change. Unlike its neighbours this field is not a pointer; its type is declared
	// outside this part of the file.
	CustomCATrustCertificates ManagedClusterSecurityProfileCustomCATrustCertificates `json:"customCATrustCertificates,omitempty"`

	// Defender: Microsoft Defender settings for the security profile.
	Defender *ManagedClusterSecurityProfileDefender_ARM `json:"defender,omitempty"`

	// ImageCleaner: Image Cleaner settings for the security profile.
	ImageCleaner *ManagedClusterSecurityProfileImageCleaner_ARM `json:"imageCleaner,omitempty"`

	// NodeRestriction: [Node
	// Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings
	// for the security profile.
	NodeRestriction *ManagedClusterSecurityProfileNodeRestriction_ARM `json:"nodeRestriction,omitempty"`

	// WorkloadIdentity: Workload identity settings for the security profile. Workload identity enables Kubernetes applications
	// to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.
	WorkloadIdentity *ManagedClusterSecurityProfileWorkloadIdentity_ARM `json:"workloadIdentity,omitempty"`
}
// ManagedClusterServicePrincipalProfile_ARM holds information about a service principal identity for the
// cluster to use for manipulating Azure APIs.
type ManagedClusterServicePrincipalProfile_ARM struct {
	// ClientId: The ID for the service principal.
	ClientId *string `json:"clientId,omitempty"`

	// Secret: The secret password associated with the service principal in plain text.
	// The value is an ordinary *string serialized under the "secret" key, so any JSON rendering of this struct
	// (request dumps, debug output, error context) contains the credential. Keep marshalled copies out of logs
	// and diagnostics.
	Secret *string `json:"secret,omitempty"`
}
// +kubebuilder:validation:Enum={"Base"}
type ManagedClusterSKU_Name string

// ManagedClusterSKU_Name_Base is the only ManagedClusterSKU_Name value listed in the kubebuilder Enum marker.
const ManagedClusterSKU_Name_Base ManagedClusterSKU_Name = "Base"

// managedClusterSKU_Name_Values maps the lower-cased spelling of each value to its typed constant.
// The code that consults the map is not in this part of the file.
var managedClusterSKU_Name_Values = map[string]ManagedClusterSKU_Name{
	"base": ManagedClusterSKU_Name_Base,
}
// +kubebuilder:validation:Enum={"Free","Standard"}
type ManagedClusterSKU_Tier string

// Permitted ManagedClusterSKU_Tier values; the set mirrors the kubebuilder Enum marker on the type.
const (
	ManagedClusterSKU_Tier_Free     ManagedClusterSKU_Tier = "Free"
	ManagedClusterSKU_Tier_Standard ManagedClusterSKU_Tier = "Standard"
)

// managedClusterSKU_Tier_Values maps the lower-cased spelling of each value to its typed constant.
// The code that consults the map is not in this part of the file.
var managedClusterSKU_Tier_Values = map[string]ManagedClusterSKU_Tier{
	"standard": ManagedClusterSKU_Tier_Standard,
	"free":     ManagedClusterSKU_Tier_Free,
}
// ManagedClusterStorageProfile_ARM is the storage profile for the container service cluster.
// Each driver has its own optional sub-profile; a nil pointer is omitted from the JSON.
type ManagedClusterStorageProfile_ARM struct {
	// BlobCSIDriver: AzureBlob CSI Driver settings for the storage profile.
	BlobCSIDriver *ManagedClusterStorageProfileBlobCSIDriver_ARM `json:"blobCSIDriver,omitempty"`

	// DiskCSIDriver: AzureDisk CSI Driver settings for the storage profile.
	DiskCSIDriver *ManagedClusterStorageProfileDiskCSIDriver_ARM `json:"diskCSIDriver,omitempty"`

	// FileCSIDriver: AzureFile CSI Driver settings for the storage profile.
	FileCSIDriver *ManagedClusterStorageProfileFileCSIDriver_ARM `json:"fileCSIDriver,omitempty"`

	// SnapshotController: Snapshot Controller settings for the storage profile.
	SnapshotController *ManagedClusterStorageProfileSnapshotController_ARM `json:"snapshotController,omitempty"`
}
// ManagedClusterWindowsProfile_ARM is the profile for Windows VMs in the managed cluster.
// The length, complexity and disallowed-value rules listed on the fields are documentation only: both
// credentials are plain *string values and this type does not check them.
type ManagedClusterWindowsProfile_ARM struct {
	// AdminPassword: Specifies the password of the administrator account.
	// Minimum-length: 8 characters
	// Max-length: 123 characters
	// Complexity requirements: 3 out of 4 conditions below need to be fulfilled
	// Has lower characters
	// Has upper characters
	// Has a digit
	// Has a special character (Regex match [\W_])
	// Disallowed values: "abc@123", "P@$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1",
	// "Password22", "iloveyou!"
	// The password is serialized in clear text under the "adminPassword" key, so any JSON rendering of this
	// struct contains it. Keep marshalled copies out of logs and diagnostics.
	AdminPassword *string `json:"adminPassword,omitempty"`

	// AdminUsername: Specifies the name of the administrator account.
	// Restriction: Cannot end in "."
	// Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123",
	// "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server",
	// "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5".
	// Minimum-length: 1 character
	// Max-length: 20 characters
	AdminUsername *string `json:"adminUsername,omitempty"`

	// EnableCSIProxy: For more details on CSI proxy, see the [CSI proxy GitHub
	// repo](https://github.com/kubernetes-csi/csi-proxy).
	EnableCSIProxy *bool `json:"enableCSIProxy,omitempty"`

	// GmsaProfile: The Windows gMSA Profile in the Managed Cluster.
	GmsaProfile *WindowsGmsaProfile_ARM `json:"gmsaProfile,omitempty"`

	// LicenseType: The license type to use for Windows VMs. See [Azure Hybrid User
	// Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.
	LicenseType *ManagedClusterWindowsProfile_LicenseType `json:"licenseType,omitempty"`
}
// ManagedClusterWorkloadAutoScalerProfile_ARM is the workload auto-scaler profile for the managed cluster.
type ManagedClusterWorkloadAutoScalerProfile_ARM struct {
	// Keda: KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.
	Keda *ManagedClusterWorkloadAutoScalerProfileKeda_ARM `json:"keda,omitempty"`

	// VerticalPodAutoscaler: undocumented in this file; presumably the Vertical Pod Autoscaler settings for the
	// workload auto-scaler profile - confirm against the API spec.
	VerticalPodAutoscaler *ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler_ARM `json:"verticalPodAutoscaler,omitempty"`
}
// PrivateLinkResource_ARM describes a private link resource.
type PrivateLinkResource_ARM struct {
	// GroupId: The group ID of the resource.
	GroupId *string `json:"groupId,omitempty"`

	// Id: undocumented in this file; presumably the ID of the private link resource - confirm against the
	// API spec.
	Id *string `json:"id,omitempty"`

	// Name: The name of the private link resource.
	Name *string `json:"name,omitempty"`

	// RequiredMembers: The RequiredMembers of the resource.
	// The tag has no omitempty, so a nil slice is serialized as JSON null rather than dropped.
	RequiredMembers []string `json:"requiredMembers"`

	// Type: The resource type.
	Type *string `json:"type,omitempty"`
}
// ServiceMeshProfile_ARM is the service mesh profile for a managed cluster.
type ServiceMeshProfile_ARM struct {
	// Istio: Istio service mesh configuration.
	Istio *IstioServiceMesh_ARM `json:"istio,omitempty"`

	// Mode: Mode of the service mesh. The permitted values are defined by ServiceMeshProfile_Mode, which is
	// declared outside this part of the file.
	Mode *ServiceMeshProfile_Mode `json:"mode,omitempty"`
}
// UserAssignedIdentity_ARM holds details about a user assigned identity.
// The fields are identifiers, not credentials, as far as this file shows.
type UserAssignedIdentity_ARM struct {
	// ClientId: The client ID of the user assigned identity.
	ClientId *string `json:"clientId,omitempty"`

	// ObjectId: The object ID of the user assigned identity.
	ObjectId *string `json:"objectId,omitempty"`

	// ResourceId: undocumented in this file; presumably the resource ID of the user assigned identity -
	// confirm against the API spec.
	ResourceId *string `json:"resourceId,omitempty"`
}
// UserAssignedIdentityDetails_ARM carries information about the user assigned identity for the resource.
// The struct declares no fields, so it serializes as an empty JSON object.
type UserAssignedIdentityDetails_ARM struct {
}
// AzureKeyVaultKms_ARM holds the Azure Key Vault key management service settings for the security profile.
// The cross-field requirements described below are not enforced by this type.
type AzureKeyVaultKms_ARM struct {
	// Enabled: Whether to enable Azure Key Vault key management service. The default is false.
	Enabled *bool `json:"enabled,omitempty"`

	// KeyId: Identifier of Azure Key Vault key. See [key identifier
	// format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name)
	// for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key
	// identifier. When Azure Key Vault key management service is disabled, leave the field empty.
	KeyId *string `json:"keyId,omitempty"`

	// KeyVaultNetworkAccess: Network access of key vault. The possible values are `Public` and `Private`. `Public` means the
	// key vault allows public access from all networks. `Private` means the key vault disables public access and enables
	// private link. The default value is `Public`.
	// Because the default is `Public`, leaving this field unset describes a vault reachable from all networks;
	// set `Private` explicitly where the vault is meant to be reachable only over private link.
	KeyVaultNetworkAccess *AzureKeyVaultKms_KeyVaultNetworkAccess `json:"keyVaultNetworkAccess,omitempty"`

	// KeyVaultResourceId: undocumented in this file; presumably the resource ID of the key vault - confirm
	// against the API spec, including whether it is required when KeyVaultNetworkAccess is `Private`.
	KeyVaultResourceId *string `json:"keyVaultResourceId,omitempty"`
}
// ContainerServiceNetworkProfile_KubeProxyConfig_ARM holds the kube-proxy customizations of the network profile.
type ContainerServiceNetworkProfile_KubeProxyConfig_ARM struct {
	// Enabled: Whether to enable kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by
	// default without these customizations).
	Enabled *bool `json:"enabled,omitempty"`

	// IpvsConfig: Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.
	// That dependency on Mode is not enforced by this type.
	IpvsConfig *ContainerServiceNetworkProfile_KubeProxyConfig_IpvsConfig_ARM `json:"ipvsConfig,omitempty"`

	// Mode: Specify which proxy mode to use ('IPTABLES' or 'IPVS')
	Mode *ContainerServiceNetworkProfile_KubeProxyConfig_Mode `json:"mode,omitempty"`
}
// ContainerServiceSshConfiguration_ARM is the SSH configuration for Linux-based VMs running on Azure.
type ContainerServiceSshConfiguration_ARM struct {
	// PublicKeys: The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.
	// The one-key limit is not enforced by this type (the field is an unbounded slice), and because the tag has
	// no omitempty a nil slice is serialized as JSON null. Every key listed grants SSH access to the VMs, so
	// the list should contain only keys whose owners are meant to have it.
	PublicKeys []ContainerServiceSshPublicKey_ARM `json:"publicKeys"`
}
// IstioServiceMesh_ARM is the Istio service mesh configuration.
type IstioServiceMesh_ARM struct {
	// Components: Istio components configuration. Optional; a nil pointer is omitted from the JSON.
	Components *IstioComponents_ARM `json:"components,omitempty"`
}
// ManagedClusterAzureMonitorProfileMetrics_ARM is the metrics profile for the prometheus service addon.
type ManagedClusterAzureMonitorProfileMetrics_ARM struct {
	// Enabled: Whether to enable the Prometheus collector
	Enabled *bool `json:"enabled,omitempty"`

	// KubeStateMetrics: Kube State Metrics for prometheus addon profile for the container service cluster
	KubeStateMetrics *ManagedClusterAzureMonitorProfileKubeStateMetrics_ARM `json:"kubeStateMetrics,omitempty"`
}
// ManagedClusterIngressProfileWebAppRouting_ARM holds the Web App Routing settings for the ingress profile.
type ManagedClusterIngressProfileWebAppRouting_ARM struct {
	// DnsZoneResourceId: undocumented in this file; presumably the resource ID of the DNS zone associated with
	// Web App Routing - confirm against the API spec.
	DnsZoneResourceId *string `json:"dnsZoneResourceId,omitempty"`

	// Enabled: Whether to enable Web App Routing.
	Enabled *bool `json:"enabled,omitempty"`
}
// ManagedClusterLoadBalancerProfile_ARM is the profile of the managed cluster load balancer.
// The numeric ranges documented on the fields are not enforced by this type; the fields are plain *int.
type ManagedClusterLoadBalancerProfile_ARM struct {
	// AllocatedOutboundPorts: The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000
	// (inclusive). The default value is 0 which results in Azure dynamically allocating ports.
	AllocatedOutboundPorts *int `json:"allocatedOutboundPorts,omitempty"`

	// BackendPoolType: The type of the managed inbound Load Balancer BackendPool.
	BackendPoolType *ManagedClusterLoadBalancerProfile_BackendPoolType `json:"backendPoolType,omitempty"`

	// EffectiveOutboundIPs: The effective outbound IP resources of the cluster load balancer.
	// The tag has no omitempty, so a nil slice is serialized as JSON null rather than dropped.
	EffectiveOutboundIPs []ResourceReference_ARM `json:"effectiveOutboundIPs"`

	// EnableMultipleStandardLoadBalancers: Enable multiple standard load balancers per AKS cluster or not.
	EnableMultipleStandardLoadBalancers *bool `json:"enableMultipleStandardLoadBalancers,omitempty"`

	// IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120
	// (inclusive). The default value is 30 minutes.
	IdleTimeoutInMinutes *int `json:"idleTimeoutInMinutes,omitempty"`

	// ManagedOutboundIPs: Desired managed outbound IPs for the cluster load balancer.
	ManagedOutboundIPs *ManagedClusterLoadBalancerProfile_ManagedOutboundIPs_ARM `json:"managedOutboundIPs,omitempty"`

	// OutboundIPPrefixes: Desired outbound IP Prefix resources for the cluster load balancer.
	OutboundIPPrefixes *ManagedClusterLoadBalancerProfile_OutboundIPPrefixes_ARM `json:"outboundIPPrefixes,omitempty"`

	// OutboundIPs: Desired outbound IP resources for the cluster load balancer.
	OutboundIPs *ManagedClusterLoadBalancerProfile_OutboundIPs_ARM `json:"outboundIPs,omitempty"`
}
// ManagedClusterNATGatewayProfile_ARM is the profile of the managed cluster NAT gateway.
type ManagedClusterNATGatewayProfile_ARM struct {
	// EffectiveOutboundIPs: The effective outbound IP resources of the cluster NAT gateway.
	// The tag has no omitempty, so a nil slice is serialized as JSON null rather than dropped.
	EffectiveOutboundIPs []ResourceReference_ARM `json:"effectiveOutboundIPs"`

	// IdleTimeoutInMinutes: Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120
	// (inclusive). The default value is 4 minutes.
	// The range is not enforced by this type; the field is a plain *int.
	IdleTimeoutInMinutes *int `json:"idleTimeoutInMinutes,omitempty"`

	// ManagedOutboundIPProfile: Profile of the managed outbound IP resources of the cluster NAT gateway.
	ManagedOutboundIPProfile *ManagedClusterManagedOutboundIPProfile_ARM `json:"managedOutboundIPProfile,omitempty"`
}
// ManagedClusterPodIdentity_ARM holds details about the pod identity assigned to the Managed Cluster.
type ManagedClusterPodIdentity_ARM struct {
	// BindingSelector: The binding selector to use for the AzureIdentityBinding resource.
	// NOTE(review): presumably pods matching this selector can use the identity, so a broad selector widens
	// who may assume it - confirm against the AAD pod identity documentation.
	BindingSelector *string `json:"bindingSelector,omitempty"`

	// Identity: The user assigned identity details.
	Identity *UserAssignedIdentity_ARM `json:"identity,omitempty"`

	// Name: The name of the pod identity.
	Name *string `json:"name,omitempty"`

	// Namespace: The namespace of the pod identity.
	Namespace *string `json:"namespace,omitempty"`
}
// ManagedClusterPodIdentityException_ARM describes a pod identity exception.
// See [disable AAD Pod Identity for a specific
// Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.
type ManagedClusterPodIdentityException_ARM struct {
	// Name: The name of the pod identity exception.
	Name *string `json:"name,omitempty"`

	// Namespace: The namespace of the pod identity exception.
	Namespace *string `json:"namespace,omitempty"`

	// PodLabels: The pod labels to match.
	// The tag has no omitempty, so a nil map is serialized as JSON null rather than dropped.
	// NOTE(review): the labels decide which pods the exception covers; keep them as specific as the workload
	// allows - confirm matching semantics against the linked documentation.
	PodLabels map[string]string `json:"podLabels"`
}
// ManagedClusterSecurityProfileDefender_ARM holds the Microsoft Defender settings for the security profile.
type ManagedClusterSecurityProfileDefender_ARM struct {
	// LogAnalyticsWorkspaceResourceId: undocumented in this file; presumably the resource ID of the Log
	// Analytics workspace associated with Microsoft Defender - confirm against the API spec.
	LogAnalyticsWorkspaceResourceId *string `json:"logAnalyticsWorkspaceResourceId,omitempty"`

	// SecurityMonitoring: Microsoft Defender threat detection for Cloud settings for the security profile.
	SecurityMonitoring *ManagedClusterSecurityProfileDefenderSecurityMonitoring_ARM `json:"securityMonitoring,omitempty"`
}
// ManagedClusterSecurityProfileImageCleaner_ARM holds the Image Cleaner settings for the security profile.
// Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area.
type ManagedClusterSecurityProfileImageCleaner_ARM struct {
	// Enabled: Whether to enable Image Cleaner on AKS cluster.
	Enabled *bool `json:"enabled,omitempty"`

	// IntervalHours: Image Cleaner scanning interval in hours. No bounds are documented or enforced here; the
	// field is a plain *int.
	IntervalHours *int `json:"intervalHours,omitempty"`
}
// ManagedClusterSecurityProfileNodeRestriction_ARM holds the Node Restriction settings for the security profile.
type ManagedClusterSecurityProfileNodeRestriction_ARM struct {
	// Enabled: Whether to enable Node Restriction. A nil pointer is omitted from the JSON, which is distinct
	// from sending an explicit false; this file does not state the service-side default.
	Enabled *bool `json:"enabled,omitempty"`
}
// ManagedClusterSecurityProfileWorkloadIdentity_ARM holds the workload identity settings for the security profile.
type ManagedClusterSecurityProfileWorkloadIdentity_ARM struct {
	// Enabled: Whether to enable workload identity. A nil pointer is omitted from the JSON, which is distinct
	// from sending an explicit false; this file does not state the service-side default.
	Enabled *bool `json:"enabled,omitempty"`
}
// ManagedClusterStorageProfileBlobCSIDriver_ARM holds the AzureBlob CSI Driver settings for the storage profile.
type ManagedClusterStorageProfileBlobCSIDriver_ARM struct {
	// Enabled: Whether to enable AzureBlob CSI Driver. The default value is false.
	Enabled *bool `json:"enabled,omitempty"`
}
// ManagedClusterStorageProfileDiskCSIDriver_ARM holds the AzureDisk CSI Driver settings for the storage profile.
type ManagedClusterStorageProfileDiskCSIDriver_ARM struct {
	// Enabled: Whether to enable AzureDisk CSI Driver. The default value is true.
	Enabled *bool `json:"enabled,omitempty"`

	// Version: The version of AzureDisk CSI Driver. The default value is v1.
	// The value is a free-form *string; this type does not restrict it to known versions.
	Version *string `json:"version,omitempty"`
}
// AzureFile CSI Driver settings for the storage profile.
type ManagedClusterStorageProfileFileCSIDriver_ARM struct {
// Enabled: Whether to enable AzureFile CSI Driver. The default value is true.
Enabled *bool `json:"enabled,omitempty"`