We recommend using Azure Native.
azure.containerservice.KubernetesCluster
Explore with Pulumi AI
Manages a Managed Kubernetes Cluster (also known as AKS / Azure Kubernetes Service)
Example Usage
This example provisions a basic Managed Kubernetes Cluster.
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
{
Location = "West Europe",
});
var exampleKubernetesCluster = new Azure.ContainerService.KubernetesCluster("exampleKubernetesCluster", new()
{
Location = exampleResourceGroup.Location,
ResourceGroupName = exampleResourceGroup.Name,
DnsPrefix = "exampleaks1",
DefaultNodePool = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolArgs
{
Name = "default",
NodeCount = 1,
VmSize = "Standard_D2_v2",
},
Identity = new Azure.ContainerService.Inputs.KubernetesClusterIdentityArgs
{
Type = "SystemAssigned",
},
Tags =
{
{ "Environment", "Production" },
},
});
return new Dictionary<string, object?>
{
["clientCertificate"] = exampleKubernetesCluster.KubeConfigs.Apply(kubeConfigs => kubeConfigs[0].ClientCertificate),
["kubeConfig"] = exampleKubernetesCluster.KubeConfigRaw,
};
});
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleKubernetesCluster, err := containerservice.NewKubernetesCluster(ctx, "exampleKubernetesCluster", &containerservice.KubernetesClusterArgs{
Location: exampleResourceGroup.Location,
ResourceGroupName: exampleResourceGroup.Name,
DnsPrefix: pulumi.String("exampleaks1"),
DefaultNodePool: &containerservice.KubernetesClusterDefaultNodePoolArgs{
Name: pulumi.String("default"),
NodeCount: pulumi.Int(1),
VmSize: pulumi.String("Standard_D2_v2"),
},
Identity: &containerservice.KubernetesClusterIdentityArgs{
Type: pulumi.String("SystemAssigned"),
},
Tags: pulumi.StringMap{
"Environment": pulumi.String("Production"),
},
})
if err != nil {
return err
}
ctx.Export("clientCertificate", exampleKubernetesCluster.KubeConfigs.ApplyT(func(kubeConfigs []containerservice.KubernetesClusterKubeConfig) (*string, error) {
return &kubeConfigs[0].ClientCertificate, nil
}).(pulumi.StringPtrOutput))
ctx.Export("kubeConfig", exampleKubernetesCluster.KubeConfigRaw)
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.containerservice.KubernetesCluster;
import com.pulumi.azure.containerservice.KubernetesClusterArgs;
import com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolArgs;
import com.pulumi.azure.containerservice.inputs.KubernetesClusterIdentityArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleKubernetesCluster = new KubernetesCluster("exampleKubernetesCluster", KubernetesClusterArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.dnsPrefix("exampleaks1")
.defaultNodePool(KubernetesClusterDefaultNodePoolArgs.builder()
.name("default")
.nodeCount(1)
.vmSize("Standard_D2_v2")
.build())
.identity(KubernetesClusterIdentityArgs.builder()
.type("SystemAssigned")
.build())
.tags(Map.of("Environment", "Production"))
.build());
ctx.export("clientCertificate", exampleKubernetesCluster.kubeConfigs().applyValue(kubeConfigs -> kubeConfigs[0].clientCertificate()));
ctx.export("kubeConfig", exampleKubernetesCluster.kubeConfigRaw());
}
}
import pulumi
import pulumi_azure as azure
example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_kubernetes_cluster = azure.containerservice.KubernetesCluster("exampleKubernetesCluster",
location=example_resource_group.location,
resource_group_name=example_resource_group.name,
dns_prefix="exampleaks1",
default_node_pool=azure.containerservice.KubernetesClusterDefaultNodePoolArgs(
name="default",
node_count=1,
vm_size="Standard_D2_v2",
),
identity=azure.containerservice.KubernetesClusterIdentityArgs(
type="SystemAssigned",
),
tags={
"Environment": "Production",
})
pulumi.export("clientCertificate", example_kubernetes_cluster.kube_configs[0].client_certificate)
pulumi.export("kubeConfig", example_kubernetes_cluster.kube_config_raw)
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleKubernetesCluster = new azure.containerservice.KubernetesCluster("exampleKubernetesCluster", {
location: exampleResourceGroup.location,
resourceGroupName: exampleResourceGroup.name,
dnsPrefix: "exampleaks1",
defaultNodePool: {
name: "default",
nodeCount: 1,
vmSize: "Standard_D2_v2",
},
identity: {
type: "SystemAssigned",
},
tags: {
Environment: "Production",
},
});
export const clientCertificate = exampleKubernetesCluster.kubeConfigs.apply(kubeConfigs => kubeConfigs[0].clientCertificate);
export const kubeConfig = exampleKubernetesCluster.kubeConfigRaw;
resources:
exampleResourceGroup:
type: azure:core:ResourceGroup
properties:
location: West Europe
exampleKubernetesCluster:
type: azure:containerservice:KubernetesCluster
properties:
location: ${exampleResourceGroup.location}
resourceGroupName: ${exampleResourceGroup.name}
dnsPrefix: exampleaks1
defaultNodePool:
name: default
nodeCount: 1
vmSize: Standard_D2_v2
identity:
type: SystemAssigned
tags:
Environment: Production
outputs:
clientCertificate: ${exampleKubernetesCluster.kubeConfigs[0].clientCertificate}
kubeConfig: ${exampleKubernetesCluster.kubeConfigRaw}
Create KubernetesCluster Resource
new KubernetesCluster(name: string, args: KubernetesClusterArgs, opts?: CustomResourceOptions);
@overload
def KubernetesCluster(resource_name: str,
opts: Optional[ResourceOptions] = None,
aci_connector_linux: Optional[KubernetesClusterAciConnectorLinuxArgs] = None,
api_server_access_profile: Optional[KubernetesClusterApiServerAccessProfileArgs] = None,
api_server_authorized_ip_ranges: Optional[Sequence[str]] = None,
auto_scaler_profile: Optional[KubernetesClusterAutoScalerProfileArgs] = None,
automatic_channel_upgrade: Optional[str] = None,
azure_active_directory_role_based_access_control: Optional[KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs] = None,
azure_policy_enabled: Optional[bool] = None,
confidential_computing: Optional[KubernetesClusterConfidentialComputingArgs] = None,
default_node_pool: Optional[KubernetesClusterDefaultNodePoolArgs] = None,
disk_encryption_set_id: Optional[str] = None,
dns_prefix: Optional[str] = None,
dns_prefix_private_cluster: Optional[str] = None,
edge_zone: Optional[str] = None,
enable_pod_security_policy: Optional[bool] = None,
http_application_routing_enabled: Optional[bool] = None,
http_proxy_config: Optional[KubernetesClusterHttpProxyConfigArgs] = None,
identity: Optional[KubernetesClusterIdentityArgs] = None,
image_cleaner_enabled: Optional[bool] = None,
image_cleaner_interval_hours: Optional[int] = None,
ingress_application_gateway: Optional[KubernetesClusterIngressApplicationGatewayArgs] = None,
key_management_service: Optional[KubernetesClusterKeyManagementServiceArgs] = None,
key_vault_secrets_provider: Optional[KubernetesClusterKeyVaultSecretsProviderArgs] = None,
kubelet_identity: Optional[KubernetesClusterKubeletIdentityArgs] = None,
kubernetes_version: Optional[str] = None,
linux_profile: Optional[KubernetesClusterLinuxProfileArgs] = None,
local_account_disabled: Optional[bool] = None,
location: Optional[str] = None,
maintenance_window: Optional[KubernetesClusterMaintenanceWindowArgs] = None,
microsoft_defender: Optional[KubernetesClusterMicrosoftDefenderArgs] = None,
monitor_metrics: Optional[KubernetesClusterMonitorMetricsArgs] = None,
name: Optional[str] = None,
network_profile: Optional[KubernetesClusterNetworkProfileArgs] = None,
node_resource_group: Optional[str] = None,
oidc_issuer_enabled: Optional[bool] = None,
oms_agent: Optional[KubernetesClusterOmsAgentArgs] = None,
open_service_mesh_enabled: Optional[bool] = None,
private_cluster_enabled: Optional[bool] = None,
private_cluster_public_fqdn_enabled: Optional[bool] = None,
private_dns_zone_id: Optional[str] = None,
public_network_access_enabled: Optional[bool] = None,
resource_group_name: Optional[str] = None,
role_based_access_control_enabled: Optional[bool] = None,
run_command_enabled: Optional[bool] = None,
service_mesh_profile: Optional[KubernetesClusterServiceMeshProfileArgs] = None,
service_principal: Optional[KubernetesClusterServicePrincipalArgs] = None,
sku_tier: Optional[str] = None,
storage_profile: Optional[KubernetesClusterStorageProfileArgs] = None,
tags: Optional[Mapping[str, str]] = None,
web_app_routing: Optional[KubernetesClusterWebAppRoutingArgs] = None,
windows_profile: Optional[KubernetesClusterWindowsProfileArgs] = None,
workload_autoscaler_profile: Optional[KubernetesClusterWorkloadAutoscalerProfileArgs] = None,
workload_identity_enabled: Optional[bool] = None)
@overload
def KubernetesCluster(resource_name: str,
args: KubernetesClusterArgs,
opts: Optional[ResourceOptions] = None)
func NewKubernetesCluster(ctx *Context, name string, args KubernetesClusterArgs, opts ...ResourceOption) (*KubernetesCluster, error)
public KubernetesCluster(string name, KubernetesClusterArgs args, CustomResourceOptions? opts = null)
public KubernetesCluster(String name, KubernetesClusterArgs args)
public KubernetesCluster(String name, KubernetesClusterArgs args, CustomResourceOptions options)
type: azure:containerservice:KubernetesCluster
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args KubernetesClusterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args KubernetesClusterArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args KubernetesClusterArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args KubernetesClusterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args KubernetesClusterArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
KubernetesCluster Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The KubernetesCluster resource accepts the following input properties:
- Default
Node KubernetesPool Cluster Default Node Pool Args A
default_node_pool
block as defined below.- Resource
Group stringName Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- Aci
Connector KubernetesLinux Cluster Aci Connector Linux Args A
aci_connector_linux
block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.- Api
Server KubernetesAccess Profile Cluster Api Server Access Profile Args An
api_server_access_profile
block as defined below.- List<string>
This property has been renamed to
authorized_ip_ranges
within theapi_server_access_profile
block and will be removed in v4.0 of the provider- Auto
Scaler KubernetesProfile Cluster Auto Scaler Profile Args A
auto_scaler_profile
block as defined below.- Automatic
Channel stringUpgrade The upgrade channel for this Kubernetes Cluster. Possible values are
patch
,rapid
,node-image
andstable
. Omitting this field sets this value tonone
.- Azure
Active KubernetesDirectory Role Based Access Control Cluster Azure Active Directory Role Based Access Control Args A
azure_active_directory_role_based_access_control
block as defined below.- Azure
Policy boolEnabled Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service
- Confidential
Computing KubernetesCluster Confidential Computing Args A
confidential_computing
block as defined below. For more details please the documentation- Disk
Encryption stringSet Id The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.
- Dns
Prefix string DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.
- Dns
Prefix stringPrivate Cluster Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.
- Edge
Zone string Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- Enable
Pod boolSecurity Policy The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.
- Http
Application boolRouting Enabled Should HTTP Application Routing be enabled?
- Http
Proxy KubernetesConfig Cluster Http Proxy Config Args A
http_proxy_config
block as defined below.- Identity
Kubernetes
Cluster Identity Args An
identity
block as defined below. One of eitheridentity
orservice_principal
must be specified.- Image
Cleaner boolEnabled Specifies whether Image Cleaner is enabled.
- Image
Cleaner intInterval Hours Specifies the interval in hours when images should be cleaned up. Defaults to
48
.- Ingress
Application KubernetesGateway Cluster Ingress Application Gateway Args A
ingress_application_gateway
block as defined below.- Key
Management KubernetesService Cluster Key Management Service Args A
key_management_service
block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.- Key
Vault KubernetesSecrets Provider Cluster Key Vault Secrets Provider Args A
key_vault_secrets_provider
block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.- Kubelet
Identity KubernetesCluster Kubelet Identity Args A
kubelet_identity
block as defined below.- Kubernetes
Version string Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as
1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- Linux
Profile KubernetesCluster Linux Profile Args A
linux_profile
block as defined below.- Local
Account boolDisabled If
true
local accounts will be disabled. See the documentation for more information.- Location string
The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.
- Maintenance
Window KubernetesCluster Maintenance Window Args A
maintenance_window
block as defined below.- Microsoft
Defender KubernetesCluster Microsoft Defender Args A
microsoft_defender
block as defined below.- Monitor
Metrics KubernetesCluster Monitor Metrics Args Specifies a Prometheus add-on profile for the Kubernetes Cluster. A
monitor_metrics
block as defined below.- Name string
The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.
- Network
Profile KubernetesCluster Network Profile Args A
network_profile
block as defined below. Changing this forces a new resource to be created.- Node
Resource stringGroup The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.
- Oidc
Issuer boolEnabled Enable or Disable the OIDC issuer URL
- Oms
Agent KubernetesCluster Oms Agent Args A
oms_agent
block as defined below.- Open
Service boolMesh Enabled Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.
- Private
Cluster boolEnabled Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to
false
. Changing this forces a new resource to be created.- Private
Cluster boolPublic Fqdn Enabled Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to
false
.- Private
Dns stringZone Id Either the ID of Private DNS Zone which should be delegated to this Cluster,
System
to have AKS manage this orNone
. In case ofNone
you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.- Public
Network boolAccess Enabled Whether public network access is allowed for this Kubernetes Cluster. Defaults to
true
. Changing this forces a new resource to be created.- Role
Based boolAccess Control Enabled Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to
true
. Changing this forces a new resource to be created.- Run
Command boolEnabled Whether to enable run command for the cluster or not. Defaults to
true
.- Service
Mesh KubernetesProfile Cluster Service Mesh Profile Args A
service_mesh_profile
block as defined below.- Service
Principal KubernetesCluster Service Principal Args A
service_principal
block as documented below. One of eitheridentity
orservice_principal
must be specified.- Sku
Tier string The SKU Tier that should be used for this Kubernetes Cluster. Possible values are
Free
, andStandard
(which includes the Uptime SLA). Defaults toFree
.- Storage
Profile KubernetesCluster Storage Profile Args A
storage_profile
block as defined below.- Dictionary<string, string>
A mapping of tags to assign to the resource.
- Web
App KubernetesRouting Cluster Web App Routing Args A
web_app_routing
block as defined below.- Windows
Profile KubernetesCluster Windows Profile Args A
windows_profile
block as defined below.- Workload
Autoscaler KubernetesProfile Cluster Workload Autoscaler Profile Args A
workload_autoscaler_profile
block defined below.- Workload
Identity boolEnabled Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to
false
.
- Default
Node KubernetesPool Cluster Default Node Pool Args A
default_node_pool
block as defined below.- Resource
Group stringName Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- Aci
Connector KubernetesLinux Cluster Aci Connector Linux Args A
aci_connector_linux
block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.- Api
Server KubernetesAccess Profile Cluster Api Server Access Profile Args An
api_server_access_profile
block as defined below.- []string
This property has been renamed to
authorized_ip_ranges
within theapi_server_access_profile
block and will be removed in v4.0 of the provider- Auto
Scaler KubernetesProfile Cluster Auto Scaler Profile Args A
auto_scaler_profile
block as defined below.- Automatic
Channel stringUpgrade The upgrade channel for this Kubernetes Cluster. Possible values are
patch
,rapid
,node-image
andstable
. Omitting this field sets this value tonone
.- Azure
Active KubernetesDirectory Role Based Access Control Cluster Azure Active Directory Role Based Access Control Args A
azure_active_directory_role_based_access_control
block as defined below.- Azure
Policy boolEnabled Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service
- Confidential
Computing KubernetesCluster Confidential Computing Args A
confidential_computing
block as defined below. For more details please the documentation- Disk
Encryption stringSet Id The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.
- Dns
Prefix string DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.
- Dns
Prefix stringPrivate Cluster Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.
- Edge
Zone string Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- Enable
Pod boolSecurity Policy The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.
- Http
Application boolRouting Enabled Should HTTP Application Routing be enabled?
- Http
Proxy KubernetesConfig Cluster Http Proxy Config Args A
http_proxy_config
block as defined below.- Identity
Kubernetes
Cluster Identity Args An
identity
block as defined below. One of eitheridentity
orservice_principal
must be specified.- Image
Cleaner boolEnabled Specifies whether Image Cleaner is enabled.
- Image
Cleaner intInterval Hours Specifies the interval in hours when images should be cleaned up. Defaults to
48
.- Ingress
Application KubernetesGateway Cluster Ingress Application Gateway Args A
ingress_application_gateway
block as defined below.- Key
Management KubernetesService Cluster Key Management Service Args A
key_management_service
block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.- Key
Vault KubernetesSecrets Provider Cluster Key Vault Secrets Provider Args A
key_vault_secrets_provider
block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.- Kubelet
Identity KubernetesCluster Kubelet Identity Args A
kubelet_identity
block as defined below.- Kubernetes
Version string Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as
1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- Linux
Profile KubernetesCluster Linux Profile Args A
linux_profile
block as defined below.- Local
Account boolDisabled If
true
local accounts will be disabled. See the documentation for more information.- Location string
The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.
- Maintenance
Window KubernetesCluster Maintenance Window Args A
maintenance_window
block as defined below.- Microsoft
Defender KubernetesCluster Microsoft Defender Args A
microsoft_defender
block as defined below.- Monitor
Metrics KubernetesCluster Monitor Metrics Args Specifies a Prometheus add-on profile for the Kubernetes Cluster. A
monitor_metrics
block as defined below.- Name string
The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.
- Network
Profile KubernetesCluster Network Profile Args A
network_profile
block as defined below. Changing this forces a new resource to be created.- Node
Resource stringGroup The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.
- Oidc
Issuer boolEnabled Enable or Disable the OIDC issuer URL
- Oms
Agent KubernetesCluster Oms Agent Args A
oms_agent
block as defined below.- Open
Service boolMesh Enabled Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.
- Private
Cluster boolEnabled Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to
false
. Changing this forces a new resource to be created.- Private
Cluster boolPublic Fqdn Enabled Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to
false
.- Private
Dns stringZone Id Either the ID of Private DNS Zone which should be delegated to this Cluster,
System
to have AKS manage this orNone
. In case ofNone
you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.- Public
Network boolAccess Enabled Whether public network access is allowed for this Kubernetes Cluster. Defaults to
true
. Changing this forces a new resource to be created.- Role
Based boolAccess Control Enabled Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to
true
. Changing this forces a new resource to be created.- Run
Command boolEnabled Whether to enable run command for the cluster or not. Defaults to
true
.- Service
Mesh KubernetesProfile Cluster Service Mesh Profile Args A
service_mesh_profile
block as defined below.- Service
Principal KubernetesCluster Service Principal Args A
service_principal
block as documented below. One of eitheridentity
orservice_principal
must be specified.- Sku
Tier string The SKU Tier that should be used for this Kubernetes Cluster. Possible values are
Free
, andStandard
(which includes the Uptime SLA). Defaults toFree
.- Storage
Profile KubernetesCluster Storage Profile Args A
storage_profile
block as defined below.- map[string]string
A mapping of tags to assign to the resource.
- Web
App KubernetesRouting Cluster Web App Routing Args A
web_app_routing
block as defined below.- Windows
Profile KubernetesCluster Windows Profile Args A
windows_profile
block as defined below.- Workload
Autoscaler KubernetesProfile Cluster Workload Autoscaler Profile Args A
workload_autoscaler_profile
block defined below.- Workload
Identity boolEnabled Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to
false
.
- default
Node KubernetesPool Cluster Default Node Pool Args A
default_node_pool
block as defined below.- resource
Group StringName Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- aci
Connector KubernetesLinux Cluster Aci Connector Linux Args A
aci_connector_linux
block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.- api
Server KubernetesAccess Profile Cluster Api Server Access Profile Args An
api_server_access_profile
block as defined below.- List<String>
This property has been renamed to
authorized_ip_ranges
within theapi_server_access_profile
block and will be removed in v4.0 of the provider- auto
Scaler KubernetesProfile Cluster Auto Scaler Profile Args A
auto_scaler_profile
block as defined below.- automatic
Channel StringUpgrade The upgrade channel for this Kubernetes Cluster. Possible values are
patch
,rapid
,node-image
andstable
. Omitting this field sets this value tonone
.- azure
Active KubernetesDirectory Role Based Access Control Cluster Azure Active Directory Role Based Access Control Args A
azure_active_directory_role_based_access_control
block as defined below.- azure
Policy BooleanEnabled Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service
- confidential
Computing KubernetesCluster Confidential Computing Args A
confidential_computing
block as defined below. For more details please the documentation- disk
Encryption StringSet Id The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.
- dns
Prefix String DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.
- dns
Prefix StringPrivate Cluster Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.
- edge
Zone String Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- enable
Pod BooleanSecurity Policy The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.
- http
Application BooleanRouting Enabled Should HTTP Application Routing be enabled?
- http
Proxy KubernetesConfig Cluster Http Proxy Config Args A
http_proxy_config
block as defined below.- identity
Kubernetes
Cluster Identity Args An
identity
block as defined below. One of eitheridentity
orservice_principal
must be specified.- image
Cleaner BooleanEnabled Specifies whether Image Cleaner is enabled.
- image
Cleaner IntegerInterval Hours Specifies the interval in hours when images should be cleaned up. Defaults to
48
.- ingress
Application KubernetesGateway Cluster Ingress Application Gateway Args A
ingress_application_gateway
block as defined below.- key
Management KubernetesService Cluster Key Management Service Args A
key_management_service
block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.- key
Vault KubernetesSecrets Provider Cluster Key Vault Secrets Provider Args A
key_vault_secrets_provider
block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.- kubelet
Identity KubernetesCluster Kubelet Identity Args A
kubelet_identity
block as defined below.- kubernetes
Version String Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as
1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- linux
Profile KubernetesCluster Linux Profile Args A
linux_profile
block as defined below.- local
Account BooleanDisabled If
true
local accounts will be disabled. See the documentation for more information.- location String
The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.
- maintenance
Window KubernetesCluster Maintenance Window Args A
maintenance_window
block as defined below.- microsoft
Defender KubernetesCluster Microsoft Defender Args A
microsoft_defender
block as defined below.- monitor
Metrics KubernetesCluster Monitor Metrics Args Specifies a Prometheus add-on profile for the Kubernetes Cluster. A
monitor_metrics
block as defined below.- name String
The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.
- network
Profile KubernetesCluster Network Profile Args A
network_profile
block as defined below. Changing this forces a new resource to be created.- node
Resource StringGroup The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.
- oidc
Issuer BooleanEnabled Enable or Disable the OIDC issuer URL
- oms
Agent KubernetesCluster Oms Agent Args A
oms_agent
block as defined below.- open
Service BooleanMesh Enabled Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.
- private
Cluster BooleanEnabled Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to
false
. Changing this forces a new resource to be created.- private
Cluster BooleanPublic Fqdn Enabled Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to
false
.- private
Dns StringZone Id Either the ID of Private DNS Zone which should be delegated to this Cluster,
System
to have AKS manage this orNone
. In case ofNone
you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.- public
Network BooleanAccess Enabled Whether public network access is allowed for this Kubernetes Cluster. Defaults to
true
. Changing this forces a new resource to be created.- role
Based BooleanAccess Control Enabled Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to
true
. Changing this forces a new resource to be created.- run
Command BooleanEnabled Whether to enable run command for the cluster or not. Defaults to
true
.- service
Mesh KubernetesProfile Cluster Service Mesh Profile Args A
service_mesh_profile
block as defined below.- service
Principal KubernetesCluster Service Principal Args A
service_principal
block as documented below. One of eitheridentity
orservice_principal
must be specified.- sku
Tier String The SKU Tier that should be used for this Kubernetes Cluster. Possible values are
Free
, andStandard
(which includes the Uptime SLA). Defaults toFree
.- storage
Profile KubernetesCluster Storage Profile Args A
storage_profile
block as defined below.- Map<String,String>
A mapping of tags to assign to the resource.
- web
App KubernetesRouting Cluster Web App Routing Args A
web_app_routing
block as defined below.- windows
Profile KubernetesCluster Windows Profile Args A
windows_profile
block as defined below.- workload
Autoscaler KubernetesProfile Cluster Workload Autoscaler Profile Args A
workload_autoscaler_profile
block defined below.- workload
Identity BooleanEnabled Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to
false
.
- default
Node KubernetesPool Cluster Default Node Pool Args A
default_node_pool
block as defined below.- resource
Group stringName Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- aci
Connector KubernetesLinux Cluster Aci Connector Linux Args A
aci_connector_linux
block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.- api
Server KubernetesAccess Profile Cluster Api Server Access Profile Args An
api_server_access_profile
block as defined below.- string[]
This property has been renamed to
authorized_ip_ranges
within theapi_server_access_profile
block and will be removed in v4.0 of the provider- auto
Scaler KubernetesProfile Cluster Auto Scaler Profile Args A
auto_scaler_profile
block as defined below.- automatic
Channel stringUpgrade The upgrade channel for this Kubernetes Cluster. Possible values are
patch
,rapid
,node-image
andstable
. Omitting this field sets this value tonone
.- azure
Active KubernetesDirectory Role Based Access Control Cluster Azure Active Directory Role Based Access Control Args A
azure_active_directory_role_based_access_control
block as defined below.- azure
Policy booleanEnabled Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service
- confidential
Computing KubernetesCluster Confidential Computing Args A
confidential_computing
block as defined below. For more details please the documentation- disk
Encryption stringSet Id The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.
- dns
Prefix string DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.
- dns
Prefix stringPrivate Cluster Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.
- edge
Zone string Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- enable
Pod booleanSecurity Policy The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.
- http
Application booleanRouting Enabled Should HTTP Application Routing be enabled?
- http
Proxy KubernetesConfig Cluster Http Proxy Config Args A
http_proxy_config
block as defined below.- identity
Kubernetes
Cluster Identity Args An
identity
block as defined below. One of eitheridentity
orservice_principal
must be specified.- image
Cleaner booleanEnabled Specifies whether Image Cleaner is enabled.
- image
Cleaner numberInterval Hours Specifies the interval in hours when images should be cleaned up. Defaults to
48
.- ingress
Application KubernetesGateway Cluster Ingress Application Gateway Args A
ingress_application_gateway
block as defined below.- key
Management KubernetesService Cluster Key Management Service Args A
key_management_service
block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.- key
Vault KubernetesSecrets Provider Cluster Key Vault Secrets Provider Args A
key_vault_secrets_provider
block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.- kubelet
Identity KubernetesCluster Kubelet Identity Args A
kubelet_identity
block as defined below.- kubernetes
Version string Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as
1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- linux
Profile KubernetesCluster Linux Profile Args A
linux_profile
block as defined below.- local
Account booleanDisabled If
true
local accounts will be disabled. See the documentation for more information.- location string
The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.
- maintenance
Window KubernetesCluster Maintenance Window Args A
maintenance_window
block as defined below.- microsoft
Defender KubernetesCluster Microsoft Defender Args A
microsoft_defender
block as defined below.- monitor
Metrics KubernetesCluster Monitor Metrics Args Specifies a Prometheus add-on profile for the Kubernetes Cluster. A
monitor_metrics
block as defined below.- name string
The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.
- network
Profile KubernetesCluster Network Profile Args A
network_profile
block as defined below. Changing this forces a new resource to be created.- node
Resource stringGroup The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.
- oidc
Issuer booleanEnabled Enable or Disable the OIDC issuer URL
- oms
Agent KubernetesCluster Oms Agent Args A
oms_agent
block as defined below.- open
Service booleanMesh Enabled Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.
- private
Cluster booleanEnabled Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to
false
. Changing this forces a new resource to be created.- private
Cluster booleanPublic Fqdn Enabled Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to
false
.- private
Dns stringZone Id Either the ID of Private DNS Zone which should be delegated to this Cluster,
System
to have AKS manage this orNone
. In case ofNone
you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.- public
Network booleanAccess Enabled Whether public network access is allowed for this Kubernetes Cluster. Defaults to
true
. Changing this forces a new resource to be created.- role
Based booleanAccess Control Enabled Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to
true
. Changing this forces a new resource to be created.- run
Command booleanEnabled Whether to enable run command for the cluster or not. Defaults to
true
.- service
Mesh KubernetesProfile Cluster Service Mesh Profile Args A
service_mesh_profile
block as defined below.- service
Principal KubernetesCluster Service Principal Args A
service_principal
block as documented below. One of eitheridentity
orservice_principal
must be specified.- sku
Tier string The SKU Tier that should be used for this Kubernetes Cluster. Possible values are
Free
, andStandard
(which includes the Uptime SLA). Defaults toFree
.- storage
Profile KubernetesCluster Storage Profile Args A
storage_profile
block as defined below.- {[key: string]: string}
A mapping of tags to assign to the resource.
- web
App KubernetesRouting Cluster Web App Routing Args A
web_app_routing
block as defined below.- windows
Profile KubernetesCluster Windows Profile Args A
windows_profile
block as defined below.- workload
Autoscaler KubernetesProfile Cluster Workload Autoscaler Profile Args A
workload_autoscaler_profile
block defined below.- workload
Identity booleanEnabled Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to
false
.
- default_
node_ Kubernetespool Cluster Default Node Pool Args A
default_node_pool
block as defined below.- resource_
group_ strname Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- aci_
connector_ Kuberneteslinux Cluster Aci Connector Linux Args A
aci_connector_linux
block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.- api_
server_ Kubernetesaccess_ profile Cluster Api Server Access Profile Args An
api_server_access_profile
block as defined below.- Sequence[str]
This property has been renamed to
authorized_ip_ranges
within theapi_server_access_profile
block and will be removed in v4.0 of the provider- auto_
scaler_ Kubernetesprofile Cluster Auto Scaler Profile Args A
auto_scaler_profile
block as defined below.- automatic_
channel_ strupgrade The upgrade channel for this Kubernetes Cluster. Possible values are
patch
,rapid
,node-image
andstable
. Omitting this field sets this value tonone
.- azure_
active_ Kubernetesdirectory_ role_ based_ access_ control Cluster Azure Active Directory Role Based Access Control Args A
azure_active_directory_role_based_access_control
block as defined below.- azure_
policy_ boolenabled Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service
- confidential_
computing KubernetesCluster Confidential Computing Args A
confidential_computing
block as defined below. For more details please the documentation- disk_
encryption_ strset_ id The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.
- dns_
prefix str DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.
- dns_
prefix_ strprivate_ cluster Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.
- edge_
zone str Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- enable_
pod_ boolsecurity_ policy The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.
- http_
application_ boolrouting_ enabled Should HTTP Application Routing be enabled?
- http_
proxy_ Kubernetesconfig Cluster Http Proxy Config Args A
http_proxy_config
block as defined below.- identity
Kubernetes
Cluster Identity Args An
identity
block as defined below. One of eitheridentity
orservice_principal
must be specified.- image_
cleaner_ boolenabled Specifies whether Image Cleaner is enabled.
- image_
cleaner_ intinterval_ hours Specifies the interval in hours when images should be cleaned up. Defaults to
48
.- ingress_
application_ Kubernetesgateway Cluster Ingress Application Gateway Args A
ingress_application_gateway
block as defined below.- key_
management_ Kubernetesservice Cluster Key Management Service Args A
key_management_service
block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.- key_
vault_ Kubernetessecrets_ provider Cluster Key Vault Secrets Provider Args A
key_vault_secrets_provider
block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.- kubelet_
identity KubernetesCluster Kubelet Identity Args A
kubelet_identity
block as defined below.- kubernetes_
version str Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as
1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- linux_
profile KubernetesCluster Linux Profile Args A
linux_profile
block as defined below.- local_
account_ booldisabled If
true
local accounts will be disabled. See the documentation for more information.- location str
The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.
- maintenance_
window KubernetesCluster Maintenance Window Args A
maintenance_window
block as defined below.- microsoft_
defender KubernetesCluster Microsoft Defender Args A
microsoft_defender
block as defined below.- monitor_
metrics KubernetesCluster Monitor Metrics Args Specifies a Prometheus add-on profile for the Kubernetes Cluster. A
monitor_metrics
block as defined below.- name str
The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.
- network_
profile KubernetesCluster Network Profile Args A
network_profile
block as defined below. Changing this forces a new resource to be created.- node_
resource_ strgroup The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.
- oidc_
issuer_ boolenabled Enable or Disable the OIDC issuer URL
- oms_
agent KubernetesCluster Oms Agent Args A
oms_agent
block as defined below.- open_
service_ boolmesh_ enabled Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.
- private_
cluster_ boolenabled Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to
false
. Changing this forces a new resource to be created.- private_
cluster_ boolpublic_ fqdn_ enabled Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to
false
.- private_
dns_ strzone_ id Either the ID of Private DNS Zone which should be delegated to this Cluster,
System
to have AKS manage this orNone
. In case ofNone
you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.- public_
network_ boolaccess_ enabled Whether public network access is allowed for this Kubernetes Cluster. Defaults to
true
. Changing this forces a new resource to be created.- role_
based_ boolaccess_ control_ enabled Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to
true
. Changing this forces a new resource to be created.- run_
command_ boolenabled Whether to enable run command for the cluster or not. Defaults to
true
.- service_
mesh_ Kubernetesprofile Cluster Service Mesh Profile Args A
service_mesh_profile
block as defined below.- service_
principal KubernetesCluster Service Principal Args A
service_principal
block as documented below. One of eitheridentity
orservice_principal
must be specified.- sku_
tier str The SKU Tier that should be used for this Kubernetes Cluster. Possible values are
Free
, andStandard
(which includes the Uptime SLA). Defaults toFree
.- storage_
profile KubernetesCluster Storage Profile Args A
storage_profile
block as defined below.- Mapping[str, str]
A mapping of tags to assign to the resource.
- web_
app_ Kubernetesrouting Cluster Web App Routing Args A
web_app_routing
block as defined below.- windows_
profile KubernetesCluster Windows Profile Args A
windows_profile
block as defined below.- workload_
autoscaler_ Kubernetesprofile Cluster Workload Autoscaler Profile Args A
workload_autoscaler_profile
block defined below.- workload_
identity_ boolenabled Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to
false
.
- default
Node Property MapPool A
default_node_pool
block as defined below.- resource
Group StringName Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- aci
Connector Property MapLinux A
aci_connector_linux
block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.- api
Server Property MapAccess Profile An
api_server_access_profile
block as defined below.- List<String>
This property has been renamed to
authorized_ip_ranges
within theapi_server_access_profile
block and will be removed in v4.0 of the provider- auto
Scaler Property MapProfile A
auto_scaler_profile
block as defined below.- automatic
Channel StringUpgrade The upgrade channel for this Kubernetes Cluster. Possible values are
patch
,rapid
,node-image
andstable
. Omitting this field sets this value tonone
.- azure
Active Property MapDirectory Role Based Access Control A
azure_active_directory_role_based_access_control
block as defined below.- azure
Policy BooleanEnabled Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service
- confidential
Computing Property Map A
confidential_computing
block as defined below. For more details please the documentation- disk
Encryption StringSet Id The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.
- dns
Prefix String DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.
- dns
Prefix StringPrivate Cluster Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.
- edge
Zone String Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- enable
Pod BooleanSecurity Policy The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.
- http
Application BooleanRouting Enabled Should HTTP Application Routing be enabled?
- http
Proxy Property MapConfig A
http_proxy_config
block as defined below.- identity Property Map
An
identity
block as defined below. One of eitheridentity
orservice_principal
must be specified.- image
Cleaner BooleanEnabled Specifies whether Image Cleaner is enabled.
- image
Cleaner NumberInterval Hours Specifies the interval in hours when images should be cleaned up. Defaults to
48
.- ingress
Application Property MapGateway A
ingress_application_gateway
block as defined below.- key
Management Property MapService A
key_management_service
block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.- key
Vault Property MapSecrets Provider A
key_vault_secrets_provider
block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.- kubelet
Identity Property Map A
kubelet_identity
block as defined below.- kubernetes
Version String Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as
1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- linux
Profile Property Map A
linux_profile
block as defined below.- local
Account BooleanDisabled If
true
local accounts will be disabled. See the documentation for more information.- location String
The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.
- maintenance
Window Property Map A
maintenance_window
block as defined below.- microsoft
Defender Property Map A
microsoft_defender
block as defined below.- monitor
Metrics Property Map Specifies a Prometheus add-on profile for the Kubernetes Cluster. A
monitor_metrics
block as defined below.- name String
The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.
- network
Profile Property Map A
network_profile
block as defined below. Changing this forces a new resource to be created.- node
Resource StringGroup The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.
- oidc
Issuer BooleanEnabled Enable or Disable the OIDC issuer URL
- oms
Agent Property Map A
oms_agent
block as defined below.- open
Service BooleanMesh Enabled Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.
- private
Cluster BooleanEnabled Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to
false
. Changing this forces a new resource to be created.- private
Cluster BooleanPublic Fqdn Enabled Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to
false
.- private
Dns StringZone Id Either the ID of Private DNS Zone which should be delegated to this Cluster,
System
to have AKS manage this orNone
. In case ofNone
you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.- public
Network BooleanAccess Enabled Whether public network access is allowed for this Kubernetes Cluster. Defaults to
true
. Changing this forces a new resource to be created.- role
Based BooleanAccess Control Enabled Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to
true
. Changing this forces a new resource to be created.- run
Command BooleanEnabled Whether to enable run command for the cluster or not. Defaults to
true
.- service
Mesh Property MapProfile A
service_mesh_profile
block as defined below.- service
Principal Property Map A
service_principal
block as documented below. One of eitheridentity
orservice_principal
must be specified.- sku
Tier String The SKU Tier that should be used for this Kubernetes Cluster. Possible values are
Free
, andStandard
(which includes the Uptime SLA). Defaults toFree
.- storage
Profile Property Map A
storage_profile
block as defined below.- Map<String>
A mapping of tags to assign to the resource.
- web
App Property MapRouting A
web_app_routing
block as defined below.- windows
Profile Property Map A
windows_profile
block as defined below.- workload
Autoscaler Property MapProfile A
workload_autoscaler_profile
block defined below.- workload
Identity BooleanEnabled Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to
false
.
Outputs
All input properties are implicitly available as output properties. Additionally, the KubernetesCluster resource produces the following output properties:
- Fqdn string
The FQDN of the Azure Kubernetes Managed Cluster.
- Http
Application stringRouting Zone Name The Zone Name of the HTTP Application Routing.
- Id string
The provider-assigned unique ID for this managed resource.
- Kube
Admin stringConfig Raw Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.
- Kube
Admin List<KubernetesConfigs Cluster Kube Admin Config> A
kube_admin_config
block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.- Kube
Config stringRaw Raw Kubernetes config to be used by kubectl and other compatible tools.
- Kube
Configs List<KubernetesCluster Kube Config> A
kube_config
block as defined below.- Node
Resource stringGroup Id The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.
- Oidc
Issuer stringUrl The OIDC issuer URL that is associated with the cluster.
- Portal
Fqdn string The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- Private
Fqdn string The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- Fqdn string
The FQDN of the Azure Kubernetes Managed Cluster.
- Http
Application stringRouting Zone Name The Zone Name of the HTTP Application Routing.
- Id string
The provider-assigned unique ID for this managed resource.
- Kube
Admin stringConfig Raw Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.
- Kube
Admin []KubernetesConfigs Cluster Kube Admin Config A
kube_admin_config
block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.- Kube
Config stringRaw Raw Kubernetes config to be used by kubectl and other compatible tools.
- Kube
Configs []KubernetesCluster Kube Config A
kube_config
block as defined below.- Node
Resource stringGroup Id The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.
- Oidc
Issuer stringUrl The OIDC issuer URL that is associated with the cluster.
- Portal
Fqdn string The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- Private
Fqdn string The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- fqdn String
The FQDN of the Azure Kubernetes Managed Cluster.
- http
Application StringRouting Zone Name The Zone Name of the HTTP Application Routing.
- id String
The provider-assigned unique ID for this managed resource.
- kube
Admin StringConfig Raw Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.
- kube
Admin List<KubernetesConfigs Cluster Kube Admin Config> A
kube_admin_config
block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.- kube
Config StringRaw Raw Kubernetes config to be used by kubectl and other compatible tools.
- kube
Configs List<KubernetesCluster Kube Config> A
kube_config
block as defined below.- node
Resource StringGroup Id The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.
- oidc
Issuer StringUrl The OIDC issuer URL that is associated with the cluster.
- portal
Fqdn String The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- private
Fqdn String The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- fqdn string
The FQDN of the Azure Kubernetes Managed Cluster.
- http
Application stringRouting Zone Name The Zone Name of the HTTP Application Routing.
- id string
The provider-assigned unique ID for this managed resource.
- kube
Admin stringConfig Raw Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.
- kube
Admin KubernetesConfigs Cluster Kube Admin Config[] A
kube_admin_config
block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.- kube
Config stringRaw Raw Kubernetes config to be used by kubectl and other compatible tools.
- kube
Configs KubernetesCluster Kube Config[] A
kube_config
block as defined below.- node
Resource stringGroup Id The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.
- oidc
Issuer stringUrl The OIDC issuer URL that is associated with the cluster.
- portal
Fqdn string The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- private
Fqdn string The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- fqdn str
The FQDN of the Azure Kubernetes Managed Cluster.
- http_
application_ strrouting_ zone_ name The Zone Name of the HTTP Application Routing.
- id str
The provider-assigned unique ID for this managed resource.
- kube_
admin_ strconfig_ raw Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.
- kube_
admin_ Sequence[Kubernetesconfigs Cluster Kube Admin Config] A
kube_admin_config
block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.- kube_
config_ strraw Raw Kubernetes config to be used by kubectl and other compatible tools.
- kube_
configs Sequence[KubernetesCluster Kube Config] A
kube_config
block as defined below.- node_
resource_ strgroup_ id The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.
- oidc_
issuer_ strurl The OIDC issuer URL that is associated with the cluster.
- portal_
fqdn str The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- private_
fqdn str The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- fqdn String
The FQDN of the Azure Kubernetes Managed Cluster.
- http
Application StringRouting Zone Name The Zone Name of the HTTP Application Routing.
- id String
The provider-assigned unique ID for this managed resource.
- kube
Admin StringConfig Raw Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.
- kube
Admin List<Property Map>Configs A
kube_admin_config
block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.- kube
Config StringRaw Raw Kubernetes config to be used by kubectl and other compatible tools.
- kube
Configs List<Property Map> A
kube_config
block as defined below.- node
Resource StringGroup Id The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.
- oidc
Issuer StringUrl The OIDC issuer URL that is associated with the cluster.
- portal
Fqdn String The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- private
Fqdn String The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
Look up Existing KubernetesCluster Resource
Get an existing KubernetesCluster resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: KubernetesClusterState, opts?: CustomResourceOptions): KubernetesCluster
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
aci_connector_linux: Optional[KubernetesClusterAciConnectorLinuxArgs] = None,
api_server_access_profile: Optional[KubernetesClusterApiServerAccessProfileArgs] = None,
api_server_authorized_ip_ranges: Optional[Sequence[str]] = None,
auto_scaler_profile: Optional[KubernetesClusterAutoScalerProfileArgs] = None,
automatic_channel_upgrade: Optional[str] = None,
azure_active_directory_role_based_access_control: Optional[KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs] = None,
azure_policy_enabled: Optional[bool] = None,
confidential_computing: Optional[KubernetesClusterConfidentialComputingArgs] = None,
default_node_pool: Optional[KubernetesClusterDefaultNodePoolArgs] = None,
disk_encryption_set_id: Optional[str] = None,
dns_prefix: Optional[str] = None,
dns_prefix_private_cluster: Optional[str] = None,
edge_zone: Optional[str] = None,
enable_pod_security_policy: Optional[bool] = None,
fqdn: Optional[str] = None,
http_application_routing_enabled: Optional[bool] = None,
http_application_routing_zone_name: Optional[str] = None,
http_proxy_config: Optional[KubernetesClusterHttpProxyConfigArgs] = None,
identity: Optional[KubernetesClusterIdentityArgs] = None,
image_cleaner_enabled: Optional[bool] = None,
image_cleaner_interval_hours: Optional[int] = None,
ingress_application_gateway: Optional[KubernetesClusterIngressApplicationGatewayArgs] = None,
key_management_service: Optional[KubernetesClusterKeyManagementServiceArgs] = None,
key_vault_secrets_provider: Optional[KubernetesClusterKeyVaultSecretsProviderArgs] = None,
kube_admin_config_raw: Optional[str] = None,
kube_admin_configs: Optional[Sequence[KubernetesClusterKubeAdminConfigArgs]] = None,
kube_config_raw: Optional[str] = None,
kube_configs: Optional[Sequence[KubernetesClusterKubeConfigArgs]] = None,
kubelet_identity: Optional[KubernetesClusterKubeletIdentityArgs] = None,
kubernetes_version: Optional[str] = None,
linux_profile: Optional[KubernetesClusterLinuxProfileArgs] = None,
local_account_disabled: Optional[bool] = None,
location: Optional[str] = None,
maintenance_window: Optional[KubernetesClusterMaintenanceWindowArgs] = None,
microsoft_defender: Optional[KubernetesClusterMicrosoftDefenderArgs] = None,
monitor_metrics: Optional[KubernetesClusterMonitorMetricsArgs] = None,
name: Optional[str] = None,
network_profile: Optional[KubernetesClusterNetworkProfileArgs] = None,
node_resource_group: Optional[str] = None,
node_resource_group_id: Optional[str] = None,
oidc_issuer_enabled: Optional[bool] = None,
oidc_issuer_url: Optional[str] = None,
oms_agent: Optional[KubernetesClusterOmsAgentArgs] = None,
open_service_mesh_enabled: Optional[bool] = None,
portal_fqdn: Optional[str] = None,
private_cluster_enabled: Optional[bool] = None,
private_cluster_public_fqdn_enabled: Optional[bool] = None,
private_dns_zone_id: Optional[str] = None,
private_fqdn: Optional[str] = None,
public_network_access_enabled: Optional[bool] = None,
resource_group_name: Optional[str] = None,
role_based_access_control_enabled: Optional[bool] = None,
run_command_enabled: Optional[bool] = None,
service_mesh_profile: Optional[KubernetesClusterServiceMeshProfileArgs] = None,
service_principal: Optional[KubernetesClusterServicePrincipalArgs] = None,
sku_tier: Optional[str] = None,
storage_profile: Optional[KubernetesClusterStorageProfileArgs] = None,
tags: Optional[Mapping[str, str]] = None,
web_app_routing: Optional[KubernetesClusterWebAppRoutingArgs] = None,
windows_profile: Optional[KubernetesClusterWindowsProfileArgs] = None,
workload_autoscaler_profile: Optional[KubernetesClusterWorkloadAutoscalerProfileArgs] = None,
workload_identity_enabled: Optional[bool] = None) -> KubernetesCluster
func GetKubernetesCluster(ctx *Context, name string, id IDInput, state *KubernetesClusterState, opts ...ResourceOption) (*KubernetesCluster, error)
public static KubernetesCluster Get(string name, Input<string> id, KubernetesClusterState? state, CustomResourceOptions? opts = null)
public static KubernetesCluster get(String name, Output<String> id, KubernetesClusterState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Aci
Connector KubernetesLinux Cluster Aci Connector Linux Args A
aci_connector_linux
block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.- Api
Server KubernetesAccess Profile Cluster Api Server Access Profile Args An
api_server_access_profile
block as defined below.- List<string>
This property has been renamed to
authorized_ip_ranges
within theapi_server_access_profile
block and will be removed in v4.0 of the provider- Auto
Scaler KubernetesProfile Cluster Auto Scaler Profile Args A
auto_scaler_profile
block as defined below.- Automatic
Channel stringUpgrade The upgrade channel for this Kubernetes Cluster. Possible values are
patch
,rapid
,node-image
andstable
. Omitting this field sets this value tonone
.- Azure
Active KubernetesDirectory Role Based Access Control Cluster Azure Active Directory Role Based Access Control Args A
azure_active_directory_role_based_access_control
block as defined below.- Azure
Policy boolEnabled Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service
- Confidential
Computing KubernetesCluster Confidential Computing Args A
confidential_computing
block as defined below. For more details please the documentation- Default
Node KubernetesPool Cluster Default Node Pool Args A
default_node_pool
block as defined below.- Disk
Encryption stringSet Id The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.
- Dns
Prefix string DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.
- Dns
Prefix stringPrivate Cluster Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.
- Edge
Zone string Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- Enable
Pod boolSecurity Policy The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.
- Fqdn string
The FQDN of the Azure Kubernetes Managed Cluster.
- Http
Application boolRouting Enabled Should HTTP Application Routing be enabled?
- Http
Application stringRouting Zone Name The Zone Name of the HTTP Application Routing.
- Http
Proxy KubernetesConfig Cluster Http Proxy Config Args A
http_proxy_config
block as defined below.- Identity
Kubernetes
Cluster Identity Args An
identity
block as defined below. One of eitheridentity
orservice_principal
must be specified.- Image
Cleaner boolEnabled Specifies whether Image Cleaner is enabled.
- Image
Cleaner intInterval Hours Specifies the interval in hours when images should be cleaned up. Defaults to
48
.- Ingress
Application KubernetesGateway Cluster Ingress Application Gateway Args A
ingress_application_gateway
block as defined below.- Key
Management KubernetesService Cluster Key Management Service Args A
key_management_service
block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.- Key
Vault KubernetesSecrets Provider Cluster Key Vault Secrets Provider Args A
key_vault_secrets_provider
block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.- Kube
Admin stringConfig Raw Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.
- Kube
Admin List<KubernetesConfigs Cluster Kube Admin Config Args> A
kube_admin_config
block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.- Kube
Config stringRaw Raw Kubernetes config to be used by kubectl and other compatible tools.
- Kube
Configs List<KubernetesCluster Kube Config Args> A
kube_config
block as defined below.- Kubelet
Identity KubernetesCluster Kubelet Identity Args A
kubelet_identity
block as defined below.- Kubernetes
Version string Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as
1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- Linux
Profile KubernetesCluster Linux Profile Args A
linux_profile
block as defined below.- Local
Account boolDisabled If
true
local accounts will be disabled. See the documentation for more information.- Location string
The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.
- Maintenance
Window KubernetesCluster Maintenance Window Args A
maintenance_window
block as defined below.- Microsoft
Defender KubernetesCluster Microsoft Defender Args A
microsoft_defender
block as defined below.- Monitor
Metrics KubernetesCluster Monitor Metrics Args Specifies a Prometheus add-on profile for the Kubernetes Cluster. A
monitor_metrics
block as defined below.- Name string
The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.
- Network
Profile KubernetesCluster Network Profile Args A
network_profile
block as defined below. Changing this forces a new resource to be created.- Node
Resource stringGroup The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.
- Node
Resource stringGroup Id The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.
- Oidc
Issuer boolEnabled Enable or Disable the OIDC issuer URL
- Oidc
Issuer stringUrl The OIDC issuer URL that is associated with the cluster.
- Oms
Agent KubernetesCluster Oms Agent Args A
oms_agent
block as defined below.- Open
Service boolMesh Enabled Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.
- Portal
Fqdn string The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- Private
Cluster boolEnabled Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to
false
. Changing this forces a new resource to be created.- Private
Cluster boolPublic Fqdn Enabled Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to
false
.- Private
Dns stringZone Id Either the ID of Private DNS Zone which should be delegated to this Cluster,
System
to have AKS manage this orNone
. In case ofNone
you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.- Private
Fqdn string The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- Public
Network boolAccess Enabled Whether public network access is allowed for this Kubernetes Cluster. Defaults to
true
. Changing this forces a new resource to be created.- Resource
Group stringName Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- Role
Based boolAccess Control Enabled Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to
true
. Changing this forces a new resource to be created.- Run
Command boolEnabled Whether to enable run command for the cluster or not. Defaults to
true
.- Service
Mesh KubernetesProfile Cluster Service Mesh Profile Args A
service_mesh_profile
block as defined below.- Service
Principal KubernetesCluster Service Principal Args A
service_principal
block as documented below. One of eitheridentity
orservice_principal
must be specified.- Sku
Tier string The SKU Tier that should be used for this Kubernetes Cluster. Possible values are
Free
, andStandard
(which includes the Uptime SLA). Defaults toFree
.- Storage
Profile KubernetesCluster Storage Profile Args A
storage_profile
block as defined below.- Dictionary<string, string>
A mapping of tags to assign to the resource.
- Web
App KubernetesRouting Cluster Web App Routing Args A
web_app_routing
block as defined below.- Windows
Profile KubernetesCluster Windows Profile Args A
windows_profile
block as defined below.- Workload
Autoscaler KubernetesProfile Cluster Workload Autoscaler Profile Args A
workload_autoscaler_profile
block defined below.- Workload
Identity boolEnabled Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to
false
.
- Aci
Connector KubernetesLinux Cluster Aci Connector Linux Args A
aci_connector_linux
block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.- Api
Server KubernetesAccess Profile Cluster Api Server Access Profile Args An
api_server_access_profile
block as defined below.- []string
This property has been renamed to
authorized_ip_ranges
within theapi_server_access_profile
block and will be removed in v4.0 of the provider- Auto
Scaler KubernetesProfile Cluster Auto Scaler Profile Args A
auto_scaler_profile
block as defined below.- Automatic
Channel stringUpgrade The upgrade channel for this Kubernetes Cluster. Possible values are
patch
,rapid
,node-image
andstable
. Omitting this field sets this value tonone
.- Azure
Active KubernetesDirectory Role Based Access Control Cluster Azure Active Directory Role Based Access Control Args A
azure_active_directory_role_based_access_control
block as defined below.- Azure
Policy boolEnabled Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service
- Confidential
Computing KubernetesCluster Confidential Computing Args A
confidential_computing
block as defined below. For more details please the documentation- Default
Node KubernetesPool Cluster Default Node Pool Args A
default_node_pool
block as defined below.- Disk
Encryption stringSet Id The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.
- Dns
Prefix string DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.
- Dns
Prefix stringPrivate Cluster Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.
- Edge
Zone string Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- Enable
Pod boolSecurity Policy The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.
- Fqdn string
The FQDN of the Azure Kubernetes Managed Cluster.
- Http
Application boolRouting Enabled Should HTTP Application Routing be enabled?
- Http
Application stringRouting Zone Name The Zone Name of the HTTP Application Routing.
- Http
Proxy KubernetesConfig Cluster Http Proxy Config Args A
http_proxy_config
block as defined below.- Identity
Kubernetes
Cluster Identity Args An
identity
block as defined below. One of eitheridentity
orservice_principal
must be specified.- Image
Cleaner boolEnabled Specifies whether Image Cleaner is enabled.
- Image
Cleaner intInterval Hours Specifies the interval in hours when images should be cleaned up. Defaults to
48
.- Ingress
Application KubernetesGateway Cluster Ingress Application Gateway Args A
ingress_application_gateway
block as defined below.- Key
Management KubernetesService Cluster Key Management Service Args A
key_management_service
block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.- Key
Vault KubernetesSecrets Provider Cluster Key Vault Secrets Provider Args A
key_vault_secrets_provider
block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.- Kube
Admin stringConfig Raw Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.
- Kube
Admin []KubernetesConfigs Cluster Kube Admin Config Args A
kube_admin_config
block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.- Kube
Config stringRaw Raw Kubernetes config to be used by kubectl and other compatible tools.
- Kube
Configs []KubernetesCluster Kube Config Args A
kube_config
block as defined below.- Kubelet
Identity KubernetesCluster Kubelet Identity Args A
kubelet_identity
block as defined below.- Kubernetes
Version string Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as
1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- Linux
Profile KubernetesCluster Linux Profile Args A
linux_profile
block as defined below.- Local
Account boolDisabled If
true
local accounts will be disabled. See the documentation for more information.- Location string
The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.
- Maintenance
Window KubernetesCluster Maintenance Window Args A
maintenance_window
block as defined below.- Microsoft
Defender KubernetesCluster Microsoft Defender Args A
microsoft_defender
block as defined below.- Monitor
Metrics KubernetesCluster Monitor Metrics Args Specifies a Prometheus add-on profile for the Kubernetes Cluster. A
monitor_metrics
block as defined below.- Name string
The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.
- Network
Profile KubernetesCluster Network Profile Args A
network_profile
block as defined below. Changing this forces a new resource to be created.- Node
Resource stringGroup The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.
- Node
Resource stringGroup Id The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.
- Oidc
Issuer boolEnabled Enable or Disable the OIDC issuer URL
- Oidc
Issuer stringUrl The OIDC issuer URL that is associated with the cluster.
- Oms
Agent KubernetesCluster Oms Agent Args A
oms_agent
block as defined below.- Open
Service boolMesh Enabled Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.
- Portal
Fqdn string The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- Private
Cluster boolEnabled Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to
false
. Changing this forces a new resource to be created.- Private
Cluster boolPublic Fqdn Enabled Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to
false
.- Private
Dns stringZone Id Either the ID of Private DNS Zone which should be delegated to this Cluster,
System
to have AKS manage this orNone
. In case ofNone
you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.- Private
Fqdn string The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- Public
Network boolAccess Enabled Whether public network access is allowed for this Kubernetes Cluster. Defaults to
true
. Changing this forces a new resource to be created.- Resource
Group stringName Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- Role
Based boolAccess Control Enabled Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to
true
. Changing this forces a new resource to be created.- Run
Command boolEnabled Whether to enable run command for the cluster or not. Defaults to
true
.- Service
Mesh KubernetesProfile Cluster Service Mesh Profile Args A
service_mesh_profile
block as defined below.- Service
Principal KubernetesCluster Service Principal Args A
service_principal
block as documented below. One of eitheridentity
orservice_principal
must be specified.- Sku
Tier string The SKU Tier that should be used for this Kubernetes Cluster. Possible values are
Free
, andStandard
(which includes the Uptime SLA). Defaults toFree
.- Storage
Profile KubernetesCluster Storage Profile Args A
storage_profile
block as defined below.- map[string]string
A mapping of tags to assign to the resource.
- Web
App KubernetesRouting Cluster Web App Routing Args A
web_app_routing
block as defined below.- Windows
Profile KubernetesCluster Windows Profile Args A
windows_profile
block as defined below.- Workload
Autoscaler KubernetesProfile Cluster Workload Autoscaler Profile Args A
workload_autoscaler_profile
block defined below.- Workload
Identity boolEnabled Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to
false
.
- aci
Connector KubernetesLinux Cluster Aci Connector Linux Args A
aci_connector_linux
block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.- api
Server KubernetesAccess Profile Cluster Api Server Access Profile Args An
api_server_access_profile
block as defined below.- List<String>
This property has been renamed to
authorized_ip_ranges
within theapi_server_access_profile
block and will be removed in v4.0 of the provider- auto
Scaler KubernetesProfile Cluster Auto Scaler Profile Args A
auto_scaler_profile
block as defined below.- automatic
Channel StringUpgrade The upgrade channel for this Kubernetes Cluster. Possible values are
patch
,rapid
,node-image
andstable
. Omitting this field sets this value tonone
.- azure
Active KubernetesDirectory Role Based Access Control Cluster Azure Active Directory Role Based Access Control Args A
azure_active_directory_role_based_access_control
block as defined below.- azure
Policy BooleanEnabled Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service
- confidential
Computing KubernetesCluster Confidential Computing Args A
confidential_computing
block as defined below. For more details please the documentation- default
Node KubernetesPool Cluster Default Node Pool Args A
default_node_pool
block as defined below.- disk
Encryption StringSet Id The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.
- dns
Prefix String DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.
- dns
Prefix StringPrivate Cluster Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.
- edge
Zone String Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- enable
Pod BooleanSecurity Policy The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.
- fqdn String
The FQDN of the Azure Kubernetes Managed Cluster.
- http
Application BooleanRouting Enabled Should HTTP Application Routing be enabled?
- http
Application StringRouting Zone Name The Zone Name of the HTTP Application Routing.
- http
Proxy KubernetesConfig Cluster Http Proxy Config Args A
http_proxy_config
block as defined below.- identity
Kubernetes
Cluster Identity Args An
identity
block as defined below. One of eitheridentity
orservice_principal
must be specified.- image
Cleaner BooleanEnabled Specifies whether Image Cleaner is enabled.
- image
Cleaner IntegerInterval Hours Specifies the interval in hours when images should be cleaned up. Defaults to
48
.- ingress
Application KubernetesGateway Cluster Ingress Application Gateway Args A
ingress_application_gateway
block as defined below.- key
Management KubernetesService Cluster Key Management Service Args A
key_management_service
block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.- key
Vault KubernetesSecrets Provider Cluster Key Vault Secrets Provider Args A
key_vault_secrets_provider
block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.- kube
Admin StringConfig Raw Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.
- kube
Admin List<KubernetesConfigs Cluster Kube Admin Config Args> A
kube_admin_config
block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.- kube
Config StringRaw Raw Kubernetes config to be used by kubectl and other compatible tools.
- kube
Configs List<KubernetesCluster Kube Config Args> A
kube_config
block as defined below.- kubelet
Identity KubernetesCluster Kubelet Identity Args A
kubelet_identity
block as defined below.- kubernetes
Version String Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as
1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- linux
Profile KubernetesCluster Linux Profile Args A
linux_profile
block as defined below.- local
Account BooleanDisabled If
true
local accounts will be disabled. See the documentation for more information.- location String
The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.
- maintenance
Window KubernetesCluster Maintenance Window Args A
maintenance_window
block as defined below.- microsoft
Defender KubernetesCluster Microsoft Defender Args A
microsoft_defender
block as defined below.- monitor
Metrics KubernetesCluster Monitor Metrics Args Specifies a Prometheus add-on profile for the Kubernetes Cluster. A
monitor_metrics
block as defined below.- name String
The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.
- network
Profile KubernetesCluster Network Profile Args A
network_profile
block as defined below. Changing this forces a new resource to be created.- node
Resource StringGroup The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.
- node
Resource StringGroup Id The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.
- oidc
Issuer BooleanEnabled Enable or Disable the OIDC issuer URL
- oidc
Issuer StringUrl The OIDC issuer URL that is associated with the cluster.
- oms
Agent KubernetesCluster Oms Agent Args A
oms_agent
block as defined below.- open
Service BooleanMesh Enabled Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.
- portal
Fqdn String The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- private
Cluster BooleanEnabled Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to
false
. Changing this forces a new resource to be created.- private
Cluster BooleanPublic Fqdn Enabled Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to
false
.- private
Dns StringZone Id Either the ID of Private DNS Zone which should be delegated to this Cluster,
System
to have AKS manage this orNone
. In case ofNone
you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.- private
Fqdn String The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- public
Network BooleanAccess Enabled Whether public network access is allowed for this Kubernetes Cluster. Defaults to
true
. Changing this forces a new resource to be created.- resource
Group StringName Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- role
Based BooleanAccess Control Enabled Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to
true
. Changing this forces a new resource to be created.- run
Command BooleanEnabled Whether to enable run command for the cluster or not. Defaults to
true
.- service
Mesh KubernetesProfile Cluster Service Mesh Profile Args A
service_mesh_profile
block as defined below.- service
Principal KubernetesCluster Service Principal Args A
service_principal
block as documented below. One of eitheridentity
orservice_principal
must be specified.- sku
Tier String The SKU Tier that should be used for this Kubernetes Cluster. Possible values are
Free
, andStandard
(which includes the Uptime SLA). Defaults toFree
.- storage
Profile KubernetesCluster Storage Profile Args A
storage_profile
block as defined below.- Map<String,String>
A mapping of tags to assign to the resource.
- web
App KubernetesRouting Cluster Web App Routing Args A
web_app_routing
block as defined below.- windows
Profile KubernetesCluster Windows Profile Args A
windows_profile
block as defined below.- workload
Autoscaler KubernetesProfile Cluster Workload Autoscaler Profile Args A
workload_autoscaler_profile
block defined below.- workload
Identity BooleanEnabled Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to
false
.
- aci
Connector KubernetesLinux Cluster Aci Connector Linux Args A
aci_connector_linux
block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.- api
Server KubernetesAccess Profile Cluster Api Server Access Profile Args An
api_server_access_profile
block as defined below.- string[]
This property has been renamed to
authorized_ip_ranges
within theapi_server_access_profile
block and will be removed in v4.0 of the provider- auto
Scaler KubernetesProfile Cluster Auto Scaler Profile Args A
auto_scaler_profile
block as defined below.- automatic
Channel stringUpgrade The upgrade channel for this Kubernetes Cluster. Possible values are
patch
,rapid
,node-image
andstable
. Omitting this field sets this value tonone
.- azure
Active KubernetesDirectory Role Based Access Control Cluster Azure Active Directory Role Based Access Control Args A
azure_active_directory_role_based_access_control
block as defined below.- azure
Policy booleanEnabled Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service
- confidential
Computing KubernetesCluster Confidential Computing Args A
confidential_computing
block as defined below. For more details please the documentation- default
Node KubernetesPool Cluster Default Node Pool Args A
default_node_pool
block as defined below.- disk
Encryption stringSet Id The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.
- dns
Prefix string DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.
- dns
Prefix stringPrivate Cluster Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.
- edge
Zone string Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- enable
Pod booleanSecurity Policy The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.
- fqdn string
The FQDN of the Azure Kubernetes Managed Cluster.
- http
Application booleanRouting Enabled Should HTTP Application Routing be enabled?
- http
Application stringRouting Zone Name The Zone Name of the HTTP Application Routing.
- http
Proxy KubernetesConfig Cluster Http Proxy Config Args A
http_proxy_config
block as defined below.- identity
Kubernetes
Cluster Identity Args An
identity
block as defined below. One of eitheridentity
orservice_principal
must be specified.- image
Cleaner booleanEnabled Specifies whether Image Cleaner is enabled.
- image
Cleaner numberInterval Hours Specifies the interval in hours when images should be cleaned up. Defaults to
48
.- ingress
Application KubernetesGateway Cluster Ingress Application Gateway Args A
ingress_application_gateway
block as defined below.- key
Management KubernetesService Cluster Key Management Service Args A
key_management_service
block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.- key
Vault KubernetesSecrets Provider Cluster Key Vault Secrets Provider Args A
key_vault_secrets_provider
block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.- kube
Admin stringConfig Raw Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.
- kube
Admin KubernetesConfigs Cluster Kube Admin Config Args[] A
kube_admin_config
block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.- kube
Config stringRaw Raw Kubernetes config to be used by kubectl and other compatible tools.
- kube
Configs KubernetesCluster Kube Config Args[] A
kube_config
block as defined below.- kubelet
Identity KubernetesCluster Kubelet Identity Args A
kubelet_identity
block as defined below.- kubernetes
Version string Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as
1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- linux
Profile KubernetesCluster Linux Profile Args A
linux_profile
block as defined below.- local
Account booleanDisabled If
true
local accounts will be disabled. See the documentation for more information.- location string
The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.
- maintenance
Window KubernetesCluster Maintenance Window Args A
maintenance_window
block as defined below.- microsoft
Defender KubernetesCluster Microsoft Defender Args A
microsoft_defender
block as defined below.- monitor
Metrics KubernetesCluster Monitor Metrics Args Specifies a Prometheus add-on profile for the Kubernetes Cluster. A
monitor_metrics
block as defined below.- name string
The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.
- network
Profile KubernetesCluster Network Profile Args A
network_profile
block as defined below. Changing this forces a new resource to be created.- node
Resource stringGroup The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.
- node
Resource stringGroup Id The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.
- oidc
Issuer booleanEnabled Enable or Disable the OIDC issuer URL
- oidc
Issuer stringUrl The OIDC issuer URL that is associated with the cluster.
- oms
Agent KubernetesCluster Oms Agent Args A
oms_agent
block as defined below.- open
Service booleanMesh Enabled Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.
- portal
Fqdn string The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- private
Cluster booleanEnabled Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to
false
. Changing this forces a new resource to be created.- private
Cluster booleanPublic Fqdn Enabled Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to
false
.- private
Dns stringZone Id Either the ID of Private DNS Zone which should be delegated to this Cluster,
System
to have AKS manage this orNone
. In case ofNone
you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.- private
Fqdn string The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- public
Network booleanAccess Enabled Whether public network access is allowed for this Kubernetes Cluster. Defaults to
true
. Changing this forces a new resource to be created.- resource
Group stringName Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- role
Based booleanAccess Control Enabled Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to
true
. Changing this forces a new resource to be created.- run
Command booleanEnabled Whether to enable run command for the cluster or not. Defaults to
true
.- service
Mesh KubernetesProfile Cluster Service Mesh Profile Args A
service_mesh_profile
block as defined below.- service
Principal KubernetesCluster Service Principal Args A
service_principal
block as documented below. One of eitheridentity
orservice_principal
must be specified.- sku
Tier string The SKU Tier that should be used for this Kubernetes Cluster. Possible values are
Free
, andStandard
(which includes the Uptime SLA). Defaults toFree
.- storage
Profile KubernetesCluster Storage Profile Args A
storage_profile
block as defined below.- {[key: string]: string}
A mapping of tags to assign to the resource.
- web
App KubernetesRouting Cluster Web App Routing Args A
web_app_routing
block as defined below.- windows
Profile KubernetesCluster Windows Profile Args A
windows_profile
block as defined below.- workload
Autoscaler KubernetesProfile Cluster Workload Autoscaler Profile Args A
workload_autoscaler_profile
block defined below.- workload
Identity booleanEnabled Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to
false
.
- aci_
connector_ Kuberneteslinux Cluster Aci Connector Linux Args A
aci_connector_linux
block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.- api_
server_ Kubernetesaccess_ profile Cluster Api Server Access Profile Args An
api_server_access_profile
block as defined below.- Sequence[str]
This property has been renamed to
authorized_ip_ranges
within theapi_server_access_profile
block and will be removed in v4.0 of the provider- auto_
scaler_ Kubernetesprofile Cluster Auto Scaler Profile Args A
auto_scaler_profile
block as defined below.- automatic_
channel_ strupgrade The upgrade channel for this Kubernetes Cluster. Possible values are
patch
,rapid
,node-image
andstable
. Omitting this field sets this value tonone
.- azure_
active_ Kubernetesdirectory_ role_ based_ access_ control Cluster Azure Active Directory Role Based Access Control Args A
azure_active_directory_role_based_access_control
block as defined below.- azure_
policy_ boolenabled Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service
- confidential_
computing KubernetesCluster Confidential Computing Args A
confidential_computing
block as defined below. For more details please the documentation- default_
node_ Kubernetespool Cluster Default Node Pool Args A
default_node_pool
block as defined below.- disk_
encryption_ strset_ id The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.
- dns_
prefix str DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.
- dns_
prefix_ strprivate_ cluster Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.
- edge_
zone str Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- enable_
pod_ boolsecurity_ policy The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.
- fqdn str
The FQDN of the Azure Kubernetes Managed Cluster.
- http_
application_ boolrouting_ enabled Should HTTP Application Routing be enabled?
- http_
application_ strrouting_ zone_ name The Zone Name of the HTTP Application Routing.
- http_
proxy_ Kubernetesconfig Cluster Http Proxy Config Args A
http_proxy_config
block as defined below.- identity
Kubernetes
Cluster Identity Args An
identity
block as defined below. One of eitheridentity
orservice_principal
must be specified.- image_
cleaner_ boolenabled Specifies whether Image Cleaner is enabled.
- image_
cleaner_ intinterval_ hours Specifies the interval in hours when images should be cleaned up. Defaults to
48
.- ingress_
application_ Kubernetesgateway Cluster Ingress Application Gateway Args A
ingress_application_gateway
block as defined below.- key_
management_ Kubernetesservice Cluster Key Management Service Args A
key_management_service
block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.- key_
vault_ Kubernetessecrets_ provider Cluster Key Vault Secrets Provider Args A
key_vault_secrets_provider
block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.- kube_
admin_ strconfig_ raw Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.
- kube_
admin_ Sequence[Kubernetesconfigs Cluster Kube Admin Config Args] A
kube_admin_config
block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.- kube_
config_ strraw Raw Kubernetes config to be used by kubectl and other compatible tools.
- kube_
configs Sequence[KubernetesCluster Kube Config Args] A
kube_config
block as defined below.- kubelet_
identity KubernetesCluster Kubelet Identity Args A
kubelet_identity
block as defined below.- kubernetes_
version str Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as
1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- linux_
profile KubernetesCluster Linux Profile Args A
linux_profile
block as defined below.- local_
account_ booldisabled If
true
local accounts will be disabled. See the documentation for more information.- location str
The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.
- maintenance_
window KubernetesCluster Maintenance Window Args A
maintenance_window
block as defined below.- microsoft_
defender KubernetesCluster Microsoft Defender Args A
microsoft_defender
block as defined below.- monitor_
metrics KubernetesCluster Monitor Metrics Args Specifies a Prometheus add-on profile for the Kubernetes Cluster. A
monitor_metrics
block as defined below.- name str
The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.
- network_
profile KubernetesCluster Network Profile Args A
network_profile
block as defined below. Changing this forces a new resource to be created.- node_
resource_ strgroup The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.
- node_
resource_ strgroup_ id The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.
- oidc_
issuer_ boolenabled Enable or Disable the OIDC issuer URL
- oidc_
issuer_ strurl The OIDC issuer URL that is associated with the cluster.
- oms_
agent KubernetesCluster Oms Agent Args A
oms_agent
block as defined below.- open_
service_ boolmesh_ enabled Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.
- portal_
fqdn str The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- private_
cluster_ boolenabled Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to
false
. Changing this forces a new resource to be created.- private_
cluster_ boolpublic_ fqdn_ enabled Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to
false
.- private_
dns_ strzone_ id Either the ID of Private DNS Zone which should be delegated to this Cluster,
System
to have AKS manage this orNone
. In case ofNone
you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.- private_
fqdn str The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- public_
network_ boolaccess_ enabled Whether public network access is allowed for this Kubernetes Cluster. Defaults to
true
. Changing this forces a new resource to be created.- resource_
group_ strname Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- role_
based_ boolaccess_ control_ enabled Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to
true
. Changing this forces a new resource to be created.- run_
command_ boolenabled Whether to enable run command for the cluster or not. Defaults to
true
.- service_
mesh_ Kubernetesprofile Cluster Service Mesh Profile Args A
service_mesh_profile
block as defined below.- service_
principal KubernetesCluster Service Principal Args A
service_principal
block as documented below. One of eitheridentity
orservice_principal
must be specified.- sku_
tier str The SKU Tier that should be used for this Kubernetes Cluster. Possible values are
Free
, andStandard
(which includes the Uptime SLA). Defaults toFree
.- storage_
profile KubernetesCluster Storage Profile Args A
storage_profile
block as defined below.- Mapping[str, str]
A mapping of tags to assign to the resource.
- web_
app_ Kubernetesrouting Cluster Web App Routing Args A
web_app_routing
block as defined below.- windows_
profile KubernetesCluster Windows Profile Args A
windows_profile
block as defined below.- workload_
autoscaler_ Kubernetesprofile Cluster Workload Autoscaler Profile Args A
workload_autoscaler_profile
block defined below.- workload_
identity_ boolenabled Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to
false
.
- aci
Connector Property MapLinux A
aci_connector_linux
block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.- api
Server Property MapAccess Profile An
api_server_access_profile
block as defined below.- List<String>
This property has been renamed to
authorized_ip_ranges
within theapi_server_access_profile
block and will be removed in v4.0 of the provider- auto
Scaler Property MapProfile A
auto_scaler_profile
block as defined below.- automatic
Channel StringUpgrade The upgrade channel for this Kubernetes Cluster. Possible values are
patch
,rapid
,node-image
andstable
. Omitting this field sets this value tonone
.- azure
Active Property MapDirectory Role Based Access Control A
azure_active_directory_role_based_access_control
block as defined below.- azure
Policy BooleanEnabled Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service
- confidential
Computing Property Map A
confidential_computing
block as defined below. For more details please the documentation- default
Node Property MapPool A
default_node_pool
block as defined below.- disk
Encryption StringSet Id The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.
- dns
Prefix String DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.
- dns
Prefix StringPrivate Cluster Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.
- edge
Zone String Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- enable
Pod BooleanSecurity Policy The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.
- fqdn String
The FQDN of the Azure Kubernetes Managed Cluster.
- http
Application BooleanRouting Enabled Should HTTP Application Routing be enabled?
- http
Application StringRouting Zone Name The Zone Name of the HTTP Application Routing.
- http
Proxy Property MapConfig A
http_proxy_config
block as defined below.- identity Property Map
An
identity
block as defined below. One of eitheridentity
orservice_principal
must be specified.- image
Cleaner BooleanEnabled Specifies whether Image Cleaner is enabled.
- image
Cleaner NumberInterval Hours Specifies the interval in hours when images should be cleaned up. Defaults to
48
.- ingress
Application Property MapGateway A
ingress_application_gateway
block as defined below.- key
Management Property MapService A
key_management_service
block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.- key
Vault Property MapSecrets Provider A
key_vault_secrets_provider
block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.- kube
Admin StringConfig Raw Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.
- kube
Admin List<Property Map>Configs A
kube_admin_config
block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.- kube
Config StringRaw Raw Kubernetes config to be used by kubectl and other compatible tools.
- kube
Configs List<Property Map> A
kube_config
block as defined below.- kubelet
Identity Property Map A
kubelet_identity
block as defined below.- kubernetes
Version String Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as
1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- linux
Profile Property Map A
linux_profile
block as defined below.- local
Account BooleanDisabled If
true
local accounts will be disabled. See the documentation for more information.- location String
The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.
- maintenance
Window Property Map A
maintenance_window
block as defined below.- microsoft
Defender Property Map A
microsoft_defender
block as defined below.- monitor
Metrics Property Map Specifies a Prometheus add-on profile for the Kubernetes Cluster. A
monitor_metrics
block as defined below.- name String
The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.
- network
Profile Property Map A
network_profile
block as defined below. Changing this forces a new resource to be created.- node
Resource StringGroup The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.
- node
Resource StringGroup Id The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.
- oidc
Issuer BooleanEnabled Enable or Disable the OIDC issuer URL
- oidc
Issuer StringUrl The OIDC issuer URL that is associated with the cluster.
- oms
Agent Property Map A
oms_agent
block as defined below.- open
Service BooleanMesh Enabled Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.
- portal
Fqdn String The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- private
Cluster BooleanEnabled Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to
false
. Changing this forces a new resource to be created.- private
Cluster BooleanPublic Fqdn Enabled Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to
false
.- private
Dns StringZone Id Either the ID of Private DNS Zone which should be delegated to this Cluster,
System
to have AKS manage this orNone
. In case ofNone
you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.- private
Fqdn String The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.
- public
Network BooleanAccess Enabled Whether public network access is allowed for this Kubernetes Cluster. Defaults to
true
. Changing this forces a new resource to be created.- resource
Group StringName Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.
- role
Based BooleanAccess Control Enabled Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to
true
. Changing this forces a new resource to be created.- run
Command BooleanEnabled Whether to enable run command for the cluster or not. Defaults to
true
.- service
Mesh Property MapProfile A
service_mesh_profile
block as defined below.- service
Principal Property Map A
service_principal
block as documented below. One of eitheridentity
orservice_principal
must be specified.- sku
Tier String The SKU Tier that should be used for this Kubernetes Cluster. Possible values are
Free
, andStandard
(which includes the Uptime SLA). Defaults toFree
.- storage
Profile Property Map A
storage_profile
block as defined below.- Map<String>
A mapping of tags to assign to the resource.
- web
App Property MapRouting A
web_app_routing
block as defined below.- windows
Profile Property Map A
windows_profile
block as defined below.- workload
Autoscaler Property MapProfile A
workload_autoscaler_profile
block defined below.- workload
Identity BooleanEnabled Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to
false
.
Supporting Types
KubernetesClusterAciConnectorLinux
- Subnet
Name string The subnet name for the virtual nodes to run.
- Connector
Identities List<KubernetesCluster Aci Connector Linux Connector Identity> A
connector_identity
block is exported. The exported attributes are defined below.
- Subnet
Name string The subnet name for the virtual nodes to run.
- Connector
Identities []KubernetesCluster Aci Connector Linux Connector Identity A
connector_identity
block is exported. The exported attributes are defined below.
- subnet
Name String The subnet name for the virtual nodes to run.
- connector
Identities List<KubernetesCluster Aci Connector Linux Connector Identity> A
connector_identity
block is exported. The exported attributes are defined below.
- subnet
Name string The subnet name for the virtual nodes to run.
- connector
Identities KubernetesCluster Aci Connector Linux Connector Identity[] A
connector_identity
block is exported. The exported attributes are defined below.
- subnet_
name str The subnet name for the virtual nodes to run.
- connector_
identities Sequence[KubernetesCluster Aci Connector Linux Connector Identity] A
connector_identity
block is exported. The exported attributes are defined below.
- subnet
Name String The subnet name for the virtual nodes to run.
- connector
Identities List<Property Map> A
connector_identity
block is exported. The exported attributes are defined below.
KubernetesClusterAciConnectorLinuxConnectorIdentity
- Client
Id string The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- Object
Id string The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- User
Assigned stringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- Client
Id string The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- Object
Id string The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- User
Assigned stringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client
Id String The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object
Id String The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user
Assigned StringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client
Id string The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object
Id string The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user
Assigned stringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client_
id str The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object_
id str The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user_
assigned_ stridentity_ id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client
Id String The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object
Id String The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user
Assigned StringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
KubernetesClusterApiServerAccessProfile
- List<string>
Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].
- Subnet
Id string The ID of the Subnet where the API server endpoint is delegated to.
- Vnet
Integration boolEnabled Should API Server VNet Integration be enabled? For more details please visit Use API Server VNet Integration.
- []string
Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].
- Subnet
Id string The ID of the Subnet where the API server endpoint is delegated to.
- Vnet
Integration boolEnabled Should API Server VNet Integration be enabled? For more details please visit Use API Server VNet Integration.
- List<String>
Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].
- subnet
Id String The ID of the Subnet where the API server endpoint is delegated to.
- vnet
Integration BooleanEnabled Should API Server VNet Integration be enabled? For more details please visit Use API Server VNet Integration.
- string[]
Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].
- subnet
Id string The ID of the Subnet where the API server endpoint is delegated to.
- vnet
Integration booleanEnabled Should API Server VNet Integration be enabled? For more details please visit Use API Server VNet Integration.
- Sequence[str]
Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].
- subnet_
id str The ID of the Subnet where the API server endpoint is delegated to.
- vnet_
integration_ boolenabled Should API Server VNet Integration be enabled? For more details please visit Use API Server VNet Integration.
- List<String>
Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].
- subnet
Id String The ID of the Subnet where the API server endpoint is delegated to.
- vnet
Integration BooleanEnabled Should API Server VNet Integration be enabled? For more details please visit Use API Server VNet Integration.
KubernetesClusterAutoScalerProfile
- Balance
Similar boolNode Groups Detect similar node groups and balance the number of nodes between them. Defaults to
false
.- Empty
Bulk stringDelete Max Maximum number of empty nodes that can be deleted at the same time. Defaults to
10
.- Expander string
Expander to use. Possible values are
least-waste
,priority
,most-pods
andrandom
. Defaults torandom
.- Max
Graceful stringTermination Sec Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to
600
.- Max
Node stringProvisioning Time Maximum time the autoscaler waits for a node to be provisioned. Defaults to
15m
.- Max
Unready intNodes Maximum Number of allowed unready nodes. Defaults to
3
.- Max
Unready doublePercentage Maximum percentage of unready nodes the cluster autoscaler will stop if the percentage is exceeded. Defaults to
45
.- New
Pod stringScale Up Delay For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to
10s
.- Scale
Down stringDelay After Add How long after the scale up of AKS nodes the scale down evaluation resumes. Defaults to
10m
.- Scale
Down stringDelay After Delete How long after node deletion that scale down evaluation resumes. Defaults to the value used for
scan_interval
.- Scale
Down stringDelay After Failure How long after scale down failure that scale down evaluation resumes. Defaults to
3m
.- Scale
Down stringUnneeded How long a node should be unneeded before it is eligible for scale down. Defaults to
10m
.- Scale
Down stringUnready How long an unready node should be unneeded before it is eligible for scale down. Defaults to
20m
.- Scale
Down stringUtilization Threshold Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. Defaults to
0.5
.- Scan
Interval string How often the AKS Cluster should be re-evaluated for scale up/down. Defaults to
10s
.- Skip
Nodes boolWith Local Storage If
true
cluster autoscaler will never delete nodes with pods with local storage, for example, EmptyDir or HostPath. Defaults totrue
.- Skip
Nodes boolWith System Pods If
true
cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). Defaults totrue
.
- Balance
Similar boolNode Groups Detect similar node groups and balance the number of nodes between them. Defaults to
false
.- Empty
Bulk stringDelete Max Maximum number of empty nodes that can be deleted at the same time. Defaults to
10
.- Expander string
Expander to use. Possible values are
least-waste
,priority
,most-pods
andrandom
. Defaults torandom
.- Max
Graceful stringTermination Sec Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to
600
.- Max
Node stringProvisioning Time Maximum time the autoscaler waits for a node to be provisioned. Defaults to
15m
.- Max
Unready intNodes Maximum Number of allowed unready nodes. Defaults to
3
.- Max
Unready float64Percentage Maximum percentage of unready nodes the cluster autoscaler will stop if the percentage is exceeded. Defaults to
45
.- New
Pod stringScale Up Delay For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to
10s
.- Scale
Down stringDelay After Add How long after the scale up of AKS nodes the scale down evaluation resumes. Defaults to
10m
.- Scale
Down stringDelay After Delete How long after node deletion that scale down evaluation resumes. Defaults to the value used for
scan_interval
.- Scale
Down stringDelay After Failure How long after scale down failure that scale down evaluation resumes. Defaults to
3m
.- Scale
Down stringUnneeded How long a node should be unneeded before it is eligible for scale down. Defaults to
10m
.- Scale
Down stringUnready How long an unready node should be unneeded before it is eligible for scale down. Defaults to
20m
.- Scale
Down stringUtilization Threshold Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. Defaults to
0.5
.- Scan
Interval string How often the AKS Cluster should be re-evaluated for scale up/down. Defaults to
10s
.- Skip
Nodes boolWith Local Storage If
true
cluster autoscaler will never delete nodes with pods with local storage, for example, EmptyDir or HostPath. Defaults totrue
.- Skip
Nodes boolWith System Pods If
true
cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). Defaults totrue
.
- balance
Similar BooleanNode Groups Detect similar node groups and balance the number of nodes between them. Defaults to
false
.- empty
Bulk StringDelete Max Maximum number of empty nodes that can be deleted at the same time. Defaults to
10
.- expander String
Expander to use. Possible values are
least-waste
,priority
,most-pods
andrandom
. Defaults torandom
.- max
Graceful StringTermination Sec Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to
600
.- max
Node StringProvisioning Time Maximum time the autoscaler waits for a node to be provisioned. Defaults to
15m
.- max
Unready IntegerNodes Maximum Number of allowed unready nodes. Defaults to
3
.- max
Unready DoublePercentage Maximum percentage of unready nodes the cluster autoscaler will stop if the percentage is exceeded. Defaults to
45
.- new
Pod StringScale Up Delay For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to
10s
.- scale
Down StringDelay After Add How long after the scale up of AKS nodes the scale down evaluation resumes. Defaults to
10m
.- scale
Down StringDelay After Delete How long after node deletion that scale down evaluation resumes. Defaults to the value used for
scan_interval
.- scale
Down StringDelay After Failure How long after scale down failure that scale down evaluation resumes. Defaults to
3m
.- scale
Down StringUnneeded How long a node should be unneeded before it is eligible for scale down. Defaults to
10m
.- scale
Down StringUnready How long an unready node should be unneeded before it is eligible for scale down. Defaults to
20m
.- scale
Down StringUtilization Threshold Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. Defaults to
0.5
.- scan
Interval String How often the AKS Cluster should be re-evaluated for scale up/down. Defaults to
10s
.- skip
Nodes BooleanWith Local Storage If
true
cluster autoscaler will never delete nodes with pods with local storage, for example, EmptyDir or HostPath. Defaults totrue
.- skip
Nodes BooleanWith System Pods If
true
cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). Defaults totrue
.
- balance
Similar booleanNode Groups Detect similar node groups and balance the number of nodes between them. Defaults to
false
.- empty
Bulk stringDelete Max Maximum number of empty nodes that can be deleted at the same time. Defaults to
10
.- expander string
Expander to use. Possible values are
least-waste
,priority
,most-pods
andrandom
. Defaults torandom
.- max
Graceful stringTermination Sec Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to
600
.- max
Node stringProvisioning Time Maximum time the autoscaler waits for a node to be provisioned. Defaults to
15m
.- max
Unready numberNodes Maximum Number of allowed unready nodes. Defaults to
3
.- max
Unready numberPercentage Maximum percentage of unready nodes the cluster autoscaler will stop if the percentage is exceeded. Defaults to
45
.- new
Pod stringScale Up Delay For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to
10s
.- scale
Down stringDelay After Add How long after the scale up of AKS nodes the scale down evaluation resumes. Defaults to
10m
.- scale
Down stringDelay After Delete How long after node deletion that scale down evaluation resumes. Defaults to the value used for
scan_interval
.- scale
Down stringDelay After Failure How long after scale down failure that scale down evaluation resumes. Defaults to
3m
.- scale
Down stringUnneeded How long a node should be unneeded before it is eligible for scale down. Defaults to
10m
.- scale
Down stringUnready How long an unready node should be unneeded before it is eligible for scale down. Defaults to
20m
.- scale
Down stringUtilization Threshold Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. Defaults to
0.5
.- scan
Interval string How often the AKS Cluster should be re-evaluated for scale up/down. Defaults to
10s
.- skip
Nodes booleanWith Local Storage If
true
cluster autoscaler will never delete nodes with pods with local storage, for example, EmptyDir or HostPath. Defaults totrue
.- skip
Nodes booleanWith System Pods If
true
cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). Defaults totrue
.
- balance_
similar_ boolnode_ groups Detect similar node groups and balance the number of nodes between them. Defaults to
false
.- empty_
bulk_ strdelete_ max Maximum number of empty nodes that can be deleted at the same time. Defaults to
10
.- expander str
Expander to use. Possible values are
least-waste
,priority
,most-pods
andrandom
. Defaults torandom
.- max_
graceful_ strtermination_ sec Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to
600
.- max_
node_ strprovisioning_ time Maximum time the autoscaler waits for a node to be provisioned. Defaults to
15m
.- max_
unready_ intnodes Maximum Number of allowed unready nodes. Defaults to
3
.- max_
unready_ floatpercentage Maximum percentage of unready nodes the cluster autoscaler will stop if the percentage is exceeded. Defaults to
45
.- new_
pod_ strscale_ up_ delay For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to
10s
.- scale_
down_ strdelay_ after_ add How long after the scale up of AKS nodes the scale down evaluation resumes. Defaults to
10m
.- scale_
down_ strdelay_ after_ delete How long after node deletion that scale down evaluation resumes. Defaults to the value used for
scan_interval
.- scale_
down_ strdelay_ after_ failure How long after scale down failure that scale down evaluation resumes. Defaults to
3m
.- scale_
down_ strunneeded How long a node should be unneeded before it is eligible for scale down. Defaults to
10m
.- scale_
down_ strunready How long an unready node should be unneeded before it is eligible for scale down. Defaults to
20m
.- scale_
down_ strutilization_ threshold Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. Defaults to
0.5
.- scan_
interval str How often the AKS Cluster should be re-evaluated for scale up/down. Defaults to
10s
.- skip_
nodes_ boolwith_ local_ storage If
true
cluster autoscaler will never delete nodes with pods with local storage, for example, EmptyDir or HostPath. Defaults totrue
.- skip_
nodes_ boolwith_ system_ pods If
true
cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). Defaults totrue
.
- balance
Similar BooleanNode Groups Detect similar node groups and balance the number of nodes between them. Defaults to
false
.- empty
Bulk StringDelete Max Maximum number of empty nodes that can be deleted at the same time. Defaults to
10
.- expander String
Expander to use. Possible values are
least-waste
,priority
,most-pods
andrandom
. Defaults torandom
.- max
Graceful StringTermination Sec Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to
600
.- max
Node StringProvisioning Time Maximum time the autoscaler waits for a node to be provisioned. Defaults to
15m
.- max
Unready NumberNodes Maximum Number of allowed unready nodes. Defaults to
3
.- max
Unready NumberPercentage Maximum percentage of unready nodes the cluster autoscaler will stop if the percentage is exceeded. Defaults to
45
.- new
Pod StringScale Up Delay For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to
10s
.- scale
Down StringDelay After Add How long after the scale up of AKS nodes the scale down evaluation resumes. Defaults to
10m
.- scale
Down StringDelay After Delete How long after node deletion that scale down evaluation resumes. Defaults to the value used for
scan_interval
.- scale
Down StringDelay After Failure How long after scale down failure that scale down evaluation resumes. Defaults to
3m
.- scale
Down StringUnneeded How long a node should be unneeded before it is eligible for scale down. Defaults to
10m
.- scale
Down StringUnready How long an unready node should be unneeded before it is eligible for scale down. Defaults to
20m
.- scale
Down StringUtilization Threshold Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. Defaults to
0.5
.- scan
Interval String How often the AKS Cluster should be re-evaluated for scale up/down. Defaults to
10s
.- skip
Nodes BooleanWith Local Storage If
true
cluster autoscaler will never delete nodes with pods with local storage, for example, EmptyDir or HostPath. Defaults totrue
.- skip
Nodes BooleanWith System Pods If
true
cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). Defaults totrue
.
KubernetesClusterAzureActiveDirectoryRoleBasedAccessControl
- Admin
Group List<string>Object Ids A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.
- Azure
Rbac boolEnabled Is Role Based Access Control based on Azure AD enabled?
- Client
App stringId The Client ID of an Azure Active Directory Application.
- Managed bool
Is the Azure Active Directory integration Managed, meaning that Azure will create/manage the Service Principal used for integration.
- Server
App stringId The Server ID of an Azure Active Directory Application.
- Server
App stringSecret The Server Secret of an Azure Active Directory Application.
- Tenant
Id string The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.
- Admin
Group []stringObject Ids A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.
- Azure
Rbac boolEnabled Is Role Based Access Control based on Azure AD enabled?
- Client
App stringId The Client ID of an Azure Active Directory Application.
- Managed bool
Is the Azure Active Directory integration Managed, meaning that Azure will create/manage the Service Principal used for integration.
- Server
App stringId The Server ID of an Azure Active Directory Application.
- Server
App stringSecret The Server Secret of an Azure Active Directory Application.
- Tenant
Id string The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.
- admin
Group List<String>Object Ids A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.
- azure
Rbac BooleanEnabled Is Role Based Access Control based on Azure AD enabled?
- client
App StringId The Client ID of an Azure Active Directory Application.
- managed Boolean
Is the Azure Active Directory integration Managed, meaning that Azure will create/manage the Service Principal used for integration.
- server
App StringId The Server ID of an Azure Active Directory Application.
- server
App StringSecret The Server Secret of an Azure Active Directory Application.
- tenant
Id String The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.
- admin
Group string[]Object Ids A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.
- azure
Rbac booleanEnabled Is Role Based Access Control based on Azure AD enabled?
- client
App stringId The Client ID of an Azure Active Directory Application.
- managed boolean
Is the Azure Active Directory integration Managed, meaning that Azure will create/manage the Service Principal used for integration.
- server
App stringId The Server ID of an Azure Active Directory Application.
- server
App stringSecret The Server Secret of an Azure Active Directory Application.
- tenant
Id string The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.
- admin_
group_ Sequence[str]object_ ids A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.
- azure_
rbac_ boolenabled Is Role Based Access Control based on Azure AD enabled?
- client_
app_ strid The Client ID of an Azure Active Directory Application.
- managed bool
Is the Azure Active Directory integration Managed, meaning that Azure will create/manage the Service Principal used for integration.
- server_
app_ strid The Server ID of an Azure Active Directory Application.
- server_
app_ strsecret The Server Secret of an Azure Active Directory Application.
- tenant_
id str The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.
- admin
Group List<String>Object Ids A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.
- azure
Rbac BooleanEnabled Is Role Based Access Control based on Azure AD enabled?
- client
App StringId The Client ID of an Azure Active Directory Application.
- managed Boolean
Is the Azure Active Directory integration Managed, meaning that Azure will create/manage the Service Principal used for integration.
- server
App StringId The Server ID of an Azure Active Directory Application.
- server
App StringSecret The Server Secret of an Azure Active Directory Application.
- tenant
Id String The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.
KubernetesClusterConfidentialComputing
- Sgx
Quote boolHelper Enabled Should the SGX quote helper be enabled?
- Sgx
Quote boolHelper Enabled Should the SGX quote helper be enabled?
- sgx
Quote BooleanHelper Enabled Should the SGX quote helper be enabled?
- sgx
Quote booleanHelper Enabled Should the SGX quote helper be enabled?
- sgx_
quote_ boolhelper_ enabled Should the SGX quote helper be enabled?
- sgx
Quote BooleanHelper Enabled Should the SGX quote helper be enabled?
KubernetesClusterDefaultNodePool
- Name string
The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created.
- Vm
Size string The size of the Virtual Machine, such as
Standard_DS2_v2
.- Capacity
Reservation stringGroup Id Specifies the ID of the Capacity Reservation Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.
- Custom
Ca boolTrust Enabled Specifies whether to trust a Custom CA.
- Enable
Auto boolScaling Should the Kubernetes Auto Scaler be enabled for this Node Pool?
- Enable
Host boolEncryption Should the nodes in the Default Node Pool have host encryption enabled? Changing this forces a new resource to be created.
- Enable
Node boolPublic Ip Should nodes in this Node Pool have a Public IP Address? Changing this forces a new resource to be created.
- Fips
Enabled bool Should the nodes in this Node Pool have Federal Information Processing Standard enabled? Changing this forces a new resource to be created.
- Host
Group stringId Specifies the ID of the Host Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.
- Kubelet
Config KubernetesCluster Default Node Pool Kubelet Config A
kubelet_config
block as defined below. Changing this forces a new resource to be created.- Kubelet
Disk stringType The type of disk used by kubelet. Possible values are
OS
andTemporary
.- Linux
Os KubernetesConfig Cluster Default Node Pool Linux Os Config A
linux_os_config
block as defined below. Changing this forces a new resource to be created.- Max
Count int The maximum number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
.- Max
Pods int The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.
- Message
Of stringThe Day A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It cannot be specified for Windows nodes and must be a static string (i.e. will be printed raw and not executed as a script). Changing this forces a new resource to be created.
- Min
Count int The minimum number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
.- Node
Count int The initial number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
and betweenmin_count
andmax_count
.- Node
Labels Dictionary<string, string> A map of Kubernetes labels which should be applied to nodes in the Default Node Pool.
- Node
Network KubernetesProfile Cluster Default Node Pool Node Network Profile A
node_network_profile
block as documented below.- Node
Public stringIp Prefix Id Resource ID for the Public IP Addresses Prefix for the nodes in this Node Pool.
enable_node_public_ip
should betrue
. Changing this forces a new resource to be created.- Node
Taints List<string> A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.
- Only
Critical boolAddons Enabled Enabling this option will taint default node pool with
CriticalAddonsOnly=true:NoSchedule
taint. Changing this forces a new resource to be created.- Orchestrator
Version string Version of Kubernetes used for the Agents. If not specified, the default node pool will be created with the version specified by
kubernetes_version
. If both are unspecified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- Os
Disk intSize Gb The size of the OS Disk which should be used for each agent in the Node Pool. Changing this forces a new resource to be created.
- Os
Disk stringType The type of disk which should be used for the Operating System. Possible values are
Ephemeral
andManaged
. Defaults toManaged
. Changing this forces a new resource to be created.- Os
Sku string Specifies the OS SKU used by the agent pool. Possible values include:
Ubuntu
,CBLMariner
,Mariner
,Windows2019
,Windows2022
. If not specified, the default isUbuntu
if OSType=Linux orWindows2019
if OSType=Windows. And the default Windows OSSKU will be changed toWindows2022
after Windows2019 is deprecated. Changing this forces a new resource to be created.- Pod
Subnet stringId The ID of the Subnet where the pods in the default Node Pool should exist. Changing this forces a new resource to be created.
- Proximity
Placement stringGroup Id The ID of the Proximity Placement Group. Changing this forces a new resource to be created.
- Scale
Down stringMode Specifies the autoscaling behaviour of the Kubernetes Cluster. Allowed values are
Delete
andDeallocate
. Defaults toDelete
.- Dictionary<string, string>
A mapping of tags to assign to the Node Pool.
- Temporary
Name stringFor Rotation Specifies the name of the temporary node pool used to cycle the default node pool for VM resizing.
- Type string
The type of Node Pool which should be created. Possible values are
AvailabilitySet
andVirtualMachineScaleSets
. Defaults toVirtualMachineScaleSets
. Changing this forces a new resource to be created.- Ultra
Ssd boolEnabled Used to specify whether the UltraSSD is enabled in the Default Node Pool. Defaults to
false
. See the documentation for more information. Changing this forces a new resource to be created.- Upgrade
Settings KubernetesCluster Default Node Pool Upgrade Settings A
upgrade_settings
block as documented below.- Vnet
Subnet stringId The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.
- Workload
Runtime string Specifies the workload runtime used by the node pool. Possible values are
OCIContainer
andKataMshvVmIsolation
.- Zones List<string>
Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.
- Name string
The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created.
- Vm
Size string The size of the Virtual Machine, such as
Standard_DS2_v2
.- Capacity
Reservation stringGroup Id Specifies the ID of the Capacity Reservation Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.
- Custom
Ca boolTrust Enabled Specifies whether to trust a Custom CA.
- Enable
Auto boolScaling Should the Kubernetes Auto Scaler be enabled for this Node Pool?
- Enable
Host boolEncryption Should the nodes in the Default Node Pool have host encryption enabled? Changing this forces a new resource to be created.
- Enable
Node boolPublic Ip Should nodes in this Node Pool have a Public IP Address? Changing this forces a new resource to be created.
- Fips
Enabled bool Should the nodes in this Node Pool have Federal Information Processing Standard enabled? Changing this forces a new resource to be created.
- Host
Group stringId Specifies the ID of the Host Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.
- Kubelet
Config KubernetesCluster Default Node Pool Kubelet Config A
kubelet_config
block as defined below. Changing this forces a new resource to be created.- Kubelet
Disk stringType The type of disk used by kubelet. Possible values are
OS
andTemporary
.- Linux
Os KubernetesConfig Cluster Default Node Pool Linux Os Config A
linux_os_config
block as defined below. Changing this forces a new resource to be created.- Max
Count int The maximum number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
.- Max
Pods int The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.
- Message
Of stringThe Day A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It cannot be specified for Windows nodes and must be a static string (i.e. will be printed raw and not executed as a script). Changing this forces a new resource to be created.
- Min
Count int The minimum number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
.- Node
Count int The initial number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
and betweenmin_count
andmax_count
.- Node
Labels map[string]string A map of Kubernetes labels which should be applied to nodes in the Default Node Pool.
- Node
Network KubernetesProfile Cluster Default Node Pool Node Network Profile A
node_network_profile
block as documented below.- Node
Public stringIp Prefix Id Resource ID for the Public IP Addresses Prefix for the nodes in this Node Pool.
enable_node_public_ip
should betrue
. Changing this forces a new resource to be created.- Node
Taints []string A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.
- Only
Critical boolAddons Enabled Enabling this option will taint default node pool with
CriticalAddonsOnly=true:NoSchedule
taint. Changing this forces a new resource to be created.- Orchestrator
Version string Version of Kubernetes used for the Agents. If not specified, the default node pool will be created with the version specified by
kubernetes_version
. If both are unspecified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- Os
Disk intSize Gb The size of the OS Disk which should be used for each agent in the Node Pool. Changing this forces a new resource to be created.
- Os
Disk stringType The type of disk which should be used for the Operating System. Possible values are
Ephemeral
andManaged
. Defaults toManaged
. Changing this forces a new resource to be created.- Os
Sku string Specifies the OS SKU used by the agent pool. Possible values include:
Ubuntu
,CBLMariner
,Mariner
,Windows2019
,Windows2022
. If not specified, the default isUbuntu
if OSType=Linux orWindows2019
if OSType=Windows. And the default Windows OSSKU will be changed toWindows2022
after Windows2019 is deprecated. Changing this forces a new resource to be created.- Pod
Subnet stringId The ID of the Subnet where the pods in the default Node Pool should exist. Changing this forces a new resource to be created.
- Proximity
Placement stringGroup Id The ID of the Proximity Placement Group. Changing this forces a new resource to be created.
- Scale
Down stringMode Specifies the autoscaling behaviour of the Kubernetes Cluster. Allowed values are
Delete
andDeallocate
. Defaults toDelete
.- map[string]string
A mapping of tags to assign to the Node Pool.
- Temporary
Name stringFor Rotation Specifies the name of the temporary node pool used to cycle the default node pool for VM resizing.
- Type string
The type of Node Pool which should be created. Possible values are
AvailabilitySet
andVirtualMachineScaleSets
. Defaults toVirtualMachineScaleSets
. Changing this forces a new resource to be created.- Ultra
Ssd boolEnabled Used to specify whether the UltraSSD is enabled in the Default Node Pool. Defaults to
false
. See the documentation for more information. Changing this forces a new resource to be created.- Upgrade
Settings KubernetesCluster Default Node Pool Upgrade Settings A
upgrade_settings
block as documented below.- Vnet
Subnet stringId The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.
- Workload
Runtime string Specifies the workload runtime used by the node pool. Possible values are
OCIContainer
andKataMshvVmIsolation
.- Zones []string
Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.
- name String
The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created.
- vm
Size String The size of the Virtual Machine, such as
Standard_DS2_v2
.- capacity
Reservation StringGroup Id Specifies the ID of the Capacity Reservation Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.
- custom
Ca BooleanTrust Enabled Specifies whether to trust a Custom CA.
- enable
Auto BooleanScaling Should the Kubernetes Auto Scaler be enabled for this Node Pool?
- enable
Host BooleanEncryption Should the nodes in the Default Node Pool have host encryption enabled? Changing this forces a new resource to be created.
- enable
Node BooleanPublic Ip Should nodes in this Node Pool have a Public IP Address? Changing this forces a new resource to be created.
- fips
Enabled Boolean Should the nodes in this Node Pool have Federal Information Processing Standard enabled? Changing this forces a new resource to be created.
- host
Group StringId Specifies the ID of the Host Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.
- kubelet
Config KubernetesCluster Default Node Pool Kubelet Config A
kubelet_config
block as defined below. Changing this forces a new resource to be created.- kubelet
Disk StringType The type of disk used by kubelet. Possible values are
OS
andTemporary
.- linux
Os KubernetesConfig Cluster Default Node Pool Linux Os Config A
linux_os_config
block as defined below. Changing this forces a new resource to be created.- max
Count Integer The maximum number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
.- max
Pods Integer The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.
- message
Of StringThe Day A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It cannot be specified for Windows nodes and must be a static string (i.e. will be printed raw and not executed as a script). Changing this forces a new resource to be created.
- min
Count Integer The minimum number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
.- node
Count Integer The initial number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
and betweenmin_count
andmax_count
.- node
Labels Map<String,String> A map of Kubernetes labels which should be applied to nodes in the Default Node Pool.
- node
Network KubernetesProfile Cluster Default Node Pool Node Network Profile A
node_network_profile
block as documented below.- node
Public StringIp Prefix Id Resource ID for the Public IP Addresses Prefix for the nodes in this Node Pool.
enable_node_public_ip
should betrue
. Changing this forces a new resource to be created.- node
Taints List<String> A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.
- only
Critical BooleanAddons Enabled Enabling this option will taint default node pool with
CriticalAddonsOnly=true:NoSchedule
taint. Changing this forces a new resource to be created.- orchestrator
Version String Version of Kubernetes used for the Agents. If not specified, the default node pool will be created with the version specified by
kubernetes_version
. If both are unspecified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- os
Disk IntegerSize Gb The size of the OS Disk which should be used for each agent in the Node Pool. Changing this forces a new resource to be created.
- os
Disk StringType The type of disk which should be used for the Operating System. Possible values are
Ephemeral
andManaged
. Defaults toManaged
. Changing this forces a new resource to be created.- os
Sku String Specifies the OS SKU used by the agent pool. Possible values include:
Ubuntu
,CBLMariner
,Mariner
,Windows2019
,Windows2022
. If not specified, the default isUbuntu
if OSType=Linux orWindows2019
if OSType=Windows. And the default Windows OSSKU will be changed toWindows2022
after Windows2019 is deprecated. Changing this forces a new resource to be created.- pod
Subnet StringId The ID of the Subnet where the pods in the default Node Pool should exist. Changing this forces a new resource to be created.
- proximity
Placement StringGroup Id The ID of the Proximity Placement Group. Changing this forces a new resource to be created.
- scale
Down StringMode Specifies the autoscaling behaviour of the Kubernetes Cluster. Allowed values are
Delete
andDeallocate
. Defaults toDelete
.- Map<String,String>
A mapping of tags to assign to the Node Pool.
- temporary
Name StringFor Rotation Specifies the name of the temporary node pool used to cycle the default node pool for VM resizing.
- type String
The type of Node Pool which should be created. Possible values are
AvailabilitySet
andVirtualMachineScaleSets
. Defaults toVirtualMachineScaleSets
. Changing this forces a new resource to be created.- ultra
Ssd BooleanEnabled Used to specify whether the UltraSSD is enabled in the Default Node Pool. Defaults to
false
. See the documentation for more information. Changing this forces a new resource to be created.- upgrade
Settings KubernetesCluster Default Node Pool Upgrade Settings A
upgrade_settings
block as documented below.- vnet
Subnet StringId The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.
- workload
Runtime String Specifies the workload runtime used by the node pool. Possible values are
OCIContainer
andKataMshvVmIsolation
.- zones List<String>
Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.
- name string
The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created.
- vm
Size string The size of the Virtual Machine, such as
Standard_DS2_v2
.- capacity
Reservation stringGroup Id Specifies the ID of the Capacity Reservation Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.
- custom
Ca booleanTrust Enabled Specifies whether to trust a Custom CA.
- enable
Auto booleanScaling Should the Kubernetes Auto Scaler be enabled for this Node Pool?
- enable
Host booleanEncryption Should the nodes in the Default Node Pool have host encryption enabled? Changing this forces a new resource to be created.
- enable
Node booleanPublic Ip Should nodes in this Node Pool have a Public IP Address? Changing this forces a new resource to be created.
- fips
Enabled boolean Should the nodes in this Node Pool have Federal Information Processing Standard enabled? Changing this forces a new resource to be created.
- host
Group stringId Specifies the ID of the Host Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.
- kubelet
Config KubernetesCluster Default Node Pool Kubelet Config A
kubelet_config
block as defined below. Changing this forces a new resource to be created.- kubelet
Disk stringType The type of disk used by kubelet. Possible values are
OS
andTemporary
.- linux
Os KubernetesConfig Cluster Default Node Pool Linux Os Config A
linux_os_config
block as defined below. Changing this forces a new resource to be created.- max
Count number The maximum number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
.- max
Pods number The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.
- message
Of stringThe Day A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It cannot be specified for Windows nodes and must be a static string (i.e. will be printed raw and not executed as a script). Changing this forces a new resource to be created.
- min
Count number The minimum number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
.- node
Count number The initial number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
and betweenmin_count
andmax_count
.- node
Labels {[key: string]: string} A map of Kubernetes labels which should be applied to nodes in the Default Node Pool.
- node
Network KubernetesProfile Cluster Default Node Pool Node Network Profile A
node_network_profile
block as documented below.- node
Public stringIp Prefix Id Resource ID for the Public IP Addresses Prefix for the nodes in this Node Pool.
enable_node_public_ip
should betrue
. Changing this forces a new resource to be created.- node
Taints string[] A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.
- only
Critical booleanAddons Enabled Enabling this option will taint default node pool with
CriticalAddonsOnly=true:NoSchedule
taint. Changing this forces a new resource to be created.- orchestrator
Version string Version of Kubernetes used for the Agents. If not specified, the default node pool will be created with the version specified by
kubernetes_version
. If both are unspecified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- os
Disk numberSize Gb The size of the OS Disk which should be used for each agent in the Node Pool. Changing this forces a new resource to be created.
- os
Disk stringType The type of disk which should be used for the Operating System. Possible values are
Ephemeral
andManaged
. Defaults toManaged
. Changing this forces a new resource to be created.- os
Sku string Specifies the OS SKU used by the agent pool. Possible values include:
Ubuntu
,CBLMariner
,Mariner
,Windows2019
,Windows2022
. If not specified, the default isUbuntu
if OSType=Linux orWindows2019
if OSType=Windows. And the default Windows OSSKU will be changed toWindows2022
after Windows2019 is deprecated. Changing this forces a new resource to be created.- pod
Subnet stringId The ID of the Subnet where the pods in the default Node Pool should exist. Changing this forces a new resource to be created.
- proximity
Placement stringGroup Id The ID of the Proximity Placement Group. Changing this forces a new resource to be created.
- scale
Down stringMode Specifies the autoscaling behaviour of the Kubernetes Cluster. Allowed values are
Delete
andDeallocate
. Defaults toDelete
.- {[key: string]: string}
A mapping of tags to assign to the Node Pool.
- temporary
Name stringFor Rotation Specifies the name of the temporary node pool used to cycle the default node pool for VM resizing.
- type string
The type of Node Pool which should be created. Possible values are
AvailabilitySet
andVirtualMachineScaleSets
. Defaults toVirtualMachineScaleSets
. Changing this forces a new resource to be created.- ultra
Ssd booleanEnabled Used to specify whether the UltraSSD is enabled in the Default Node Pool. Defaults to
false
. See the documentation for more information. Changing this forces a new resource to be created.- upgrade
Settings KubernetesCluster Default Node Pool Upgrade Settings A
upgrade_settings
block as documented below.- vnet
Subnet stringId The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.
- workload
Runtime string Specifies the workload runtime used by the node pool. Possible values are
OCIContainer
andKataMshvVmIsolation
.- zones string[]
Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.
- name str
The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created.
- vm_
size str The size of the Virtual Machine, such as
Standard_DS2_v2
.- capacity_
reservation_ strgroup_ id Specifies the ID of the Capacity Reservation Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.
- custom_
ca_ booltrust_ enabled Specifies whether to trust a Custom CA.
- enable_
auto_ boolscaling Should the Kubernetes Auto Scaler be enabled for this Node Pool?
- enable_
host_ boolencryption Should the nodes in the Default Node Pool have host encryption enabled? Changing this forces a new resource to be created.
- enable_
node_ boolpublic_ ip Should nodes in this Node Pool have a Public IP Address? Changing this forces a new resource to be created.
- fips_
enabled bool Should the nodes in this Node Pool have Federal Information Processing Standard enabled? Changing this forces a new resource to be created.
- host_
group_ strid Specifies the ID of the Host Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.
- kubelet_
config KubernetesCluster Default Node Pool Kubelet Config A
kubelet_config
block as defined below. Changing this forces a new resource to be created.- kubelet_
disk_ strtype The type of disk used by kubelet. Possible values are
OS
andTemporary
.- linux_
os_ Kubernetesconfig Cluster Default Node Pool Linux Os Config A
linux_os_config
block as defined below. Changing this forces a new resource to be created.- max_
count int The maximum number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
.- max_
pods int The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.
- message_
of_ strthe_ day A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It cannot be specified for Windows nodes and must be a static string (i.e. will be printed raw and not executed as a script). Changing this forces a new resource to be created.
- min_
count int The minimum number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
.- node_
count int The initial number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
and betweenmin_count
andmax_count
.- node_
labels Mapping[str, str] A map of Kubernetes labels which should be applied to nodes in the Default Node Pool.
- node_
network_ Kubernetesprofile Cluster Default Node Pool Node Network Profile A
node_network_profile
block as documented below.- node_
public_ strip_ prefix_ id Resource ID for the Public IP Addresses Prefix for the nodes in this Node Pool.
enable_node_public_ip
should betrue
. Changing this forces a new resource to be created.- node_
taints Sequence[str] A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.
- only_
critical_ booladdons_ enabled Enabling this option will taint default node pool with
CriticalAddonsOnly=true:NoSchedule
taint. Changing this forces a new resource to be created.- orchestrator_
version str Version of Kubernetes used for the Agents. If not specified, the default node pool will be created with the version specified by
kubernetes_version
. If both are unspecified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- os_
disk_ intsize_ gb The size of the OS Disk which should be used for each agent in the Node Pool. Changing this forces a new resource to be created.
- os_
disk_ strtype The type of disk which should be used for the Operating System. Possible values are
Ephemeral
andManaged
. Defaults toManaged
. Changing this forces a new resource to be created.- os_
sku str Specifies the OS SKU used by the agent pool. Possible values include:
Ubuntu
,CBLMariner
,Mariner
,Windows2019
,Windows2022
. If not specified, the default isUbuntu
if OSType=Linux orWindows2019
if OSType=Windows. And the default Windows OSSKU will be changed toWindows2022
after Windows2019 is deprecated. Changing this forces a new resource to be created.- pod_
subnet_ strid The ID of the Subnet where the pods in the default Node Pool should exist. Changing this forces a new resource to be created.
- proximity_
placement_ strgroup_ id The ID of the Proximity Placement Group. Changing this forces a new resource to be created.
- scale_
down_ strmode Specifies the autoscaling behaviour of the Kubernetes Cluster. Allowed values are
Delete
andDeallocate
. Defaults toDelete
.- Mapping[str, str]
A mapping of tags to assign to the Node Pool.
- temporary_
name_ strfor_ rotation Specifies the name of the temporary node pool used to cycle the default node pool for VM resizing.
- type str
The type of Node Pool which should be created. Possible values are
AvailabilitySet
andVirtualMachineScaleSets
. Defaults toVirtualMachineScaleSets
. Changing this forces a new resource to be created.- ultra_
ssd_ boolenabled Used to specify whether the UltraSSD is enabled in the Default Node Pool. Defaults to
false
. See the documentation for more information. Changing this forces a new resource to be created.- upgrade_
settings KubernetesCluster Default Node Pool Upgrade Settings A
upgrade_settings
block as documented below.- vnet_
subnet_ strid The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.
- workload_
runtime str Specifies the workload runtime used by the node pool. Possible values are
OCIContainer
andKataMshvVmIsolation
.- zones Sequence[str]
Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.
- name String
The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created.
- vm
Size String The size of the Virtual Machine, such as
Standard_DS2_v2
.- capacity
Reservation StringGroup Id Specifies the ID of the Capacity Reservation Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.
- custom
Ca BooleanTrust Enabled Specifies whether to trust a Custom CA.
- enable
Auto BooleanScaling Should the Kubernetes Auto Scaler be enabled for this Node Pool?
- enable
Host BooleanEncryption Should the nodes in the Default Node Pool have host encryption enabled? Changing this forces a new resource to be created.
- enable
Node BooleanPublic Ip Should nodes in this Node Pool have a Public IP Address? Changing this forces a new resource to be created.
- fips
Enabled Boolean Should the nodes in this Node Pool have Federal Information Processing Standard enabled? Changing this forces a new resource to be created.
- host
Group StringId Specifies the ID of the Host Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.
- kubelet
Config Property Map A
kubelet_config
block as defined below. Changing this forces a new resource to be created.- kubelet
Disk StringType The type of disk used by kubelet. Possible values are
OS
andTemporary
.- linux
Os Property MapConfig A
linux_os_config
block as defined below. Changing this forces a new resource to be created.- max
Count Number The maximum number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
.- max
Pods Number The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.
- message
Of StringThe Day A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It cannot be specified for Windows nodes and must be a static string (i.e. will be printed raw and not executed as a script). Changing this forces a new resource to be created.
- min
Count Number The minimum number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
.- node
Count Number The initial number of nodes which should exist in this Node Pool. If specified this must be between
1
and1000
and betweenmin_count
andmax_count
.- node
Labels Map<String> A map of Kubernetes labels which should be applied to nodes in the Default Node Pool.
- node
Network Property MapProfile A
node_network_profile
block as documented below.- node
Public StringIp Prefix Id Resource ID for the Public IP Addresses Prefix for the nodes in this Node Pool.
enable_node_public_ip
should betrue
. Changing this forces a new resource to be created.- node
Taints List<String> A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.
- only
Critical BooleanAddons Enabled Enabling this option will taint default node pool with
CriticalAddonsOnly=true:NoSchedule
taint. Changing this forces a new resource to be created.- orchestrator
Version String Version of Kubernetes used for the Agents. If not specified, the default node pool will be created with the version specified by
kubernetes_version
. If both are unspecified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as1.22
are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.- os
Disk NumberSize Gb The size of the OS Disk which should be used for each agent in the Node Pool. Changing this forces a new resource to be created.
- os
Disk StringType The type of disk which should be used for the Operating System. Possible values are
Ephemeral
andManaged
. Defaults toManaged
. Changing this forces a new resource to be created.- os
Sku String Specifies the OS SKU used by the agent pool. Possible values include:
Ubuntu
,CBLMariner
,Mariner
,Windows2019
,Windows2022
. If not specified, the default isUbuntu
if OSType=Linux orWindows2019
if OSType=Windows. And the default Windows OSSKU will be changed toWindows2022
after Windows2019 is deprecated. Changing this forces a new resource to be created.- pod
Subnet StringId The ID of the Subnet where the pods in the default Node Pool should exist. Changing this forces a new resource to be created.
- proximity
Placement StringGroup Id The ID of the Proximity Placement Group. Changing this forces a new resource to be created.
- scale
Down StringMode Specifies the autoscaling behaviour of the Kubernetes Cluster. Allowed values are
Delete
andDeallocate
. Defaults toDelete
.- Map<String>
A mapping of tags to assign to the Node Pool.
- temporary
Name StringFor Rotation Specifies the name of the temporary node pool used to cycle the default node pool for VM resizing.
- type String
The type of Node Pool which should be created. Possible values are
AvailabilitySet
andVirtualMachineScaleSets
. Defaults toVirtualMachineScaleSets
. Changing this forces a new resource to be created.- ultra
Ssd BooleanEnabled Used to specify whether the UltraSSD is enabled in the Default Node Pool. Defaults to
false
. See the documentation for more information. Changing this forces a new resource to be created.- upgrade
Settings Property Map A
upgrade_settings
block as documented below.- vnet
Subnet StringId The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.
- workload
Runtime String Specifies the workload runtime used by the node pool. Possible values are
OCIContainer
andKataMshvVmIsolation
.- zones List<String>
Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.
KubernetesClusterDefaultNodePoolKubeletConfig
- Allowed
Unsafe List<string>Sysctls Specifies the allow list of unsafe sysctls command or patterns (ending in
*
). Changing this forces a new resource to be created.- Container
Log intMax Line Specifies the maximum number of container log files that can be present for a container. must be at least 2. Changing this forces a new resource to be created.
- Container
Log intMax Size Mb Specifies the maximum size (e.g. 10MB) of container log file before it is rotated. Changing this forces a new resource to be created.
- Cpu
Cfs boolQuota Enabled Is CPU CFS quota enforcement for containers enabled? Changing this forces a new resource to be created.
- Cpu
Cfs stringQuota Period Specifies the CPU CFS quota period value. Changing this forces a new resource to be created.
- Cpu
Manager stringPolicy Specifies the CPU Manager policy to use. Possible values are
none
andstatic
, Changing this forces a new resource to be created.- Image
Gc intHigh Threshold Specifies the percent of disk usage above which image garbage collection is always run. Must be between
0
and100
. Changing this forces a new resource to be created.- Image
Gc intLow Threshold Specifies the percent of disk usage lower than which image garbage collection is never run. Must be between
0
and100
. Changing this forces a new resource to be created.- Pod
Max intPid Specifies the maximum number of processes per pod. Changing this forces a new resource to be created.
- Topology
Manager stringPolicy Specifies the Topology Manager policy to use. Possible values are
none
,best-effort
,restricted
orsingle-numa-node
. Changing this forces a new resource to be created.
- Allowed
Unsafe []stringSysctls Specifies the allow list of unsafe sysctls command or patterns (ending in
*
). Changing this forces a new resource to be created.- Container
Log intMax Line Specifies the maximum number of container log files that can be present for a container. must be at least 2. Changing this forces a new resource to be created.
- Container
Log intMax Size Mb Specifies the maximum size (e.g. 10MB) of container log file before it is rotated. Changing this forces a new resource to be created.
- Cpu
Cfs boolQuota Enabled Is CPU CFS quota enforcement for containers enabled? Changing this forces a new resource to be created.
- Cpu
Cfs stringQuota Period Specifies the CPU CFS quota period value. Changing this forces a new resource to be created.
- Cpu
Manager stringPolicy Specifies the CPU Manager policy to use. Possible values are
none
andstatic
, Changing this forces a new resource to be created.- Image
Gc intHigh Threshold Specifies the percent of disk usage above which image garbage collection is always run. Must be between
0
and100
. Changing this forces a new resource to be created.- Image
Gc intLow Threshold Specifies the percent of disk usage lower than which image garbage collection is never run. Must be between
0
and100
. Changing this forces a new resource to be created.- Pod
Max intPid Specifies the maximum number of processes per pod. Changing this forces a new resource to be created.
- Topology
Manager stringPolicy Specifies the Topology Manager policy to use. Possible values are
none
,best-effort
,restricted
orsingle-numa-node
. Changing this forces a new resource to be created.
- allowed
Unsafe List<String>Sysctls Specifies the allow list of unsafe sysctls command or patterns (ending in
*
). Changing this forces a new resource to be created.- container
Log IntegerMax Line Specifies the maximum number of container log files that can be present for a container. must be at least 2. Changing this forces a new resource to be created.
- container
Log IntegerMax Size Mb Specifies the maximum size (e.g. 10MB) of container log file before it is rotated. Changing this forces a new resource to be created.
- cpu
Cfs BooleanQuota Enabled Is CPU CFS quota enforcement for containers enabled? Changing this forces a new resource to be created.
- cpu
Cfs StringQuota Period Specifies the CPU CFS quota period value. Changing this forces a new resource to be created.
- cpu
Manager StringPolicy Specifies the CPU Manager policy to use. Possible values are
none
andstatic
, Changing this forces a new resource to be created.- image
Gc IntegerHigh Threshold Specifies the percent of disk usage above which image garbage collection is always run. Must be between
0
and100
. Changing this forces a new resource to be created.- image
Gc IntegerLow Threshold Specifies the percent of disk usage lower than which image garbage collection is never run. Must be between
0
and100
. Changing this forces a new resource to be created.- pod
Max IntegerPid Specifies the maximum number of processes per pod. Changing this forces a new resource to be created.
- topology
Manager StringPolicy Specifies the Topology Manager policy to use. Possible values are
none
,best-effort
,restricted
orsingle-numa-node
. Changing this forces a new resource to be created.
- allowed
Unsafe string[]Sysctls Specifies the allow list of unsafe sysctls command or patterns (ending in
*
). Changing this forces a new resource to be created.- container
Log numberMax Line Specifies the maximum number of container log files that can be present for a container. must be at least 2. Changing this forces a new resource to be created.
- container
Log numberMax Size Mb Specifies the maximum size (e.g. 10MB) of container log file before it is rotated. Changing this forces a new resource to be created.
- cpu
Cfs booleanQuota Enabled Is CPU CFS quota enforcement for containers enabled? Changing this forces a new resource to be created.
- cpu
Cfs stringQuota Period Specifies the CPU CFS quota period value. Changing this forces a new resource to be created.
- cpu
Manager stringPolicy Specifies the CPU Manager policy to use. Possible values are
none
andstatic
, Changing this forces a new resource to be created.- image
Gc numberHigh Threshold Specifies the percent of disk usage above which image garbage collection is always run. Must be between
0
and100
. Changing this forces a new resource to be created.- image
Gc numberLow Threshold Specifies the percent of disk usage lower than which image garbage collection is never run. Must be between
0
and100
. Changing this forces a new resource to be created.- pod
Max numberPid Specifies the maximum number of processes per pod. Changing this forces a new resource to be created.
- topology
Manager stringPolicy Specifies the Topology Manager policy to use. Possible values are
none
,best-effort
,restricted
orsingle-numa-node
. Changing this forces a new resource to be created.
- allowed_
unsafe_ Sequence[str]sysctls Specifies the allow list of unsafe sysctls command or patterns (ending in
*
). Changing this forces a new resource to be created.- container_
log_ intmax_ line Specifies the maximum number of container log files that can be present for a container. must be at least 2. Changing this forces a new resource to be created.
- container_
log_ intmax_ size_ mb Specifies the maximum size (e.g. 10MB) of container log file before it is rotated. Changing this forces a new resource to be created.
- cpu_
cfs_ boolquota_ enabled Is CPU CFS quota enforcement for containers enabled? Changing this forces a new resource to be created.
- cpu_
cfs_ strquota_ period Specifies the CPU CFS quota period value. Changing this forces a new resource to be created.
- cpu_
manager_ strpolicy Specifies the CPU Manager policy to use. Possible values are
none
andstatic
, Changing this forces a new resource to be created.- image_
gc_ inthigh_ threshold Specifies the percent of disk usage above which image garbage collection is always run. Must be between
0
and100
. Changing this forces a new resource to be created.- image_
gc_ intlow_ threshold Specifies the percent of disk usage lower than which image garbage collection is never run. Must be between
0
and100
. Changing this forces a new resource to be created.- pod_
max_ intpid Specifies the maximum number of processes per pod. Changing this forces a new resource to be created.
- topology_
manager_ strpolicy Specifies the Topology Manager policy to use. Possible values are
none
,best-effort
,restricted
orsingle-numa-node
. Changing this forces a new resource to be created.
- allowed
Unsafe List<String>Sysctls Specifies the allow list of unsafe sysctls command or patterns (ending in
*
). Changing this forces a new resource to be created.- container
Log NumberMax Line Specifies the maximum number of container log files that can be present for a container. must be at least 2. Changing this forces a new resource to be created.
- container
Log NumberMax Size Mb Specifies the maximum size (e.g. 10MB) of container log file before it is rotated. Changing this forces a new resource to be created.
- cpu
Cfs BooleanQuota Enabled Is CPU CFS quota enforcement for containers enabled? Changing this forces a new resource to be created.
- cpu
Cfs StringQuota Period Specifies the CPU CFS quota period value. Changing this forces a new resource to be created.
- cpu
Manager StringPolicy Specifies the CPU Manager policy to use. Possible values are
none
andstatic
, Changing this forces a new resource to be created.- image
Gc NumberHigh Threshold Specifies the percent of disk usage above which image garbage collection is always run. Must be between
0
and100
. Changing this forces a new resource to be created.- image
Gc NumberLow Threshold Specifies the percent of disk usage lower than which image garbage collection is never run. Must be between
0
and100
. Changing this forces a new resource to be created.- pod
Max NumberPid Specifies the maximum number of processes per pod. Changing this forces a new resource to be created.
- topology
Manager StringPolicy Specifies the Topology Manager policy to use. Possible values are
none
,best-effort
,restricted
orsingle-numa-node
. Changing this forces a new resource to be created.
KubernetesClusterDefaultNodePoolLinuxOsConfig
- Swap
File intSize Mb Specifies the size of the swap file on each node in MB. Changing this forces a new resource to be created.
- Sysctl
Config KubernetesCluster Default Node Pool Linux Os Config Sysctl Config A
sysctl_config
block as defined below. Changing this forces a new resource to be created.- Transparent
Huge stringPage Defrag specifies the defrag configuration for Transparent Huge Page. Possible values are
always
,defer
,defer+madvise
,madvise
andnever
. Changing this forces a new resource to be created.- Transparent
Huge stringPage Enabled Specifies the Transparent Huge Page enabled configuration. Possible values are
always
,madvise
andnever
. Changing this forces a new resource to be created.
- Swap
File intSize Mb Specifies the size of the swap file on each node in MB. Changing this forces a new resource to be created.
- Sysctl
Config KubernetesCluster Default Node Pool Linux Os Config Sysctl Config A
sysctl_config
block as defined below. Changing this forces a new resource to be created.- Transparent
Huge stringPage Defrag specifies the defrag configuration for Transparent Huge Page. Possible values are
always
,defer
,defer+madvise
,madvise
andnever
. Changing this forces a new resource to be created.- Transparent
Huge stringPage Enabled Specifies the Transparent Huge Page enabled configuration. Possible values are
always
,madvise
andnever
. Changing this forces a new resource to be created.
- swap
File IntegerSize Mb Specifies the size of the swap file on each node in MB. Changing this forces a new resource to be created.
- sysctl
Config KubernetesCluster Default Node Pool Linux Os Config Sysctl Config A
sysctl_config
block as defined below. Changing this forces a new resource to be created.- transparent
Huge StringPage Defrag specifies the defrag configuration for Transparent Huge Page. Possible values are
always
,defer
,defer+madvise
,madvise
andnever
. Changing this forces a new resource to be created.- transparent
Huge StringPage Enabled Specifies the Transparent Huge Page enabled configuration. Possible values are
always
,madvise
andnever
. Changing this forces a new resource to be created.
- swap
File numberSize Mb Specifies the size of the swap file on each node in MB. Changing this forces a new resource to be created.
- sysctl
Config KubernetesCluster Default Node Pool Linux Os Config Sysctl Config A
sysctl_config
block as defined below. Changing this forces a new resource to be created.- transparent
Huge stringPage Defrag specifies the defrag configuration for Transparent Huge Page. Possible values are
always
,defer
,defer+madvise
,madvise
andnever
. Changing this forces a new resource to be created.- transparent
Huge stringPage Enabled Specifies the Transparent Huge Page enabled configuration. Possible values are
always
,madvise
andnever
. Changing this forces a new resource to be created.
- swap_
file_ intsize_ mb Specifies the size of the swap file on each node in MB. Changing this forces a new resource to be created.
- sysctl_
config KubernetesCluster Default Node Pool Linux Os Config Sysctl Config A
sysctl_config
block as defined below. Changing this forces a new resource to be created.- transparent_
huge_ strpage_ defrag specifies the defrag configuration for Transparent Huge Page. Possible values are
always
,defer
,defer+madvise
,madvise
andnever
. Changing this forces a new resource to be created.- transparent_
huge_ strpage_ enabled Specifies the Transparent Huge Page enabled configuration. Possible values are
always
,madvise
andnever
. Changing this forces a new resource to be created.
- swap
File NumberSize Mb Specifies the size of the swap file on each node in MB. Changing this forces a new resource to be created.
- sysctl
Config Property Map A
sysctl_config
block as defined below. Changing this forces a new resource to be created.- transparent
Huge StringPage Defrag specifies the defrag configuration for Transparent Huge Page. Possible values are
always
,defer
,defer+madvise
,madvise
andnever
. Changing this forces a new resource to be created.- transparent
Huge StringPage Enabled Specifies the Transparent Huge Page enabled configuration. Possible values are
always
,madvise
andnever
. Changing this forces a new resource to be created.
KubernetesClusterDefaultNodePoolLinuxOsConfigSysctlConfig
- Fs
Aio intMax Nr The sysctl setting fs.aio-max-nr. Must be between
65536
and6553500
. Changing this forces a new resource to be created.- Fs
File intMax The sysctl setting fs.file-max. Must be between
8192
and12000500
. Changing this forces a new resource to be created.- Fs
Inotify intMax User Watches The sysctl setting fs.inotify.max_user_watches. Must be between
781250
and2097152
. Changing this forces a new resource to be created.- Fs
Nr intOpen The sysctl setting fs.nr_open. Must be between
8192
and20000500
. Changing this forces a new resource to be created.- Kernel
Threads intMax The sysctl setting kernel.threads-max. Must be between
20
and513785
. Changing this forces a new resource to be created.- Net
Core intNetdev Max Backlog The sysctl setting net.core.netdev_max_backlog. Must be between
1000
and3240000
. Changing this forces a new resource to be created.- Net
Core intOptmem Max The sysctl setting net.core.optmem_max. Must be between
20480
and4194304
. Changing this forces a new resource to be created.- Net
Core intRmem Default The sysctl setting net.core.rmem_default. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- Net
Core intRmem Max The sysctl setting net.core.rmem_max. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- Net
Core intSomaxconn The sysctl setting net.core.somaxconn. Must be between
4096
and3240000
. Changing this forces a new resource to be created.- Net
Core intWmem Default The sysctl setting net.core.wmem_default. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- Net
Core intWmem Max The sysctl setting net.core.wmem_max. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- Net
Ipv4Ip intLocal Port Range Max The sysctl setting net.ipv4.ip_local_port_range max value. Must be between
1024
and60999
. Changing this forces a new resource to be created.- Net
Ipv4Ip intLocal Port Range Min The sysctl setting net.ipv4.ip_local_port_range min value. Must be between
1024
and60999
. Changing this forces a new resource to be created.- Net
Ipv4Neigh intDefault Gc Thresh1 The sysctl setting net.ipv4.neigh.default.gc_thresh1. Must be between
128
and80000
. Changing this forces a new resource to be created.- Net
Ipv4Neigh intDefault Gc Thresh2 The sysctl setting net.ipv4.neigh.default.gc_thresh2. Must be between
512
and90000
. Changing this forces a new resource to be created.- Net
Ipv4Neigh intDefault Gc Thresh3 The sysctl setting net.ipv4.neigh.default.gc_thresh3. Must be between
1024
and100000
. Changing this forces a new resource to be created.- Net
Ipv4Tcp intFin Timeout The sysctl setting net.ipv4.tcp_fin_timeout. Must be between
5
and120
. Changing this forces a new resource to be created.- Net
Ipv4Tcp intKeepalive Intvl The sysctl setting net.ipv4.tcp_keepalive_intvl. Must be between
10
and75
. Changing this forces a new resource to be created.- Net
Ipv4Tcp intKeepalive Probes The sysctl setting net.ipv4.tcp_keepalive_probes. Must be between
1
and15
. Changing this forces a new resource to be created.- Net
Ipv4Tcp intKeepalive Time The sysctl setting net.ipv4.tcp_keepalive_time. Must be between
30
and432000
. Changing this forces a new resource to be created.- Net
Ipv4Tcp intMax Syn Backlog The sysctl setting net.ipv4.tcp_max_syn_backlog. Must be between
128
and3240000
. Changing this forces a new resource to be created.- Net
Ipv4Tcp intMax Tw Buckets The sysctl setting net.ipv4.tcp_max_tw_buckets. Must be between
8000
and1440000
. Changing this forces a new resource to be created.- Net
Ipv4Tcp boolTw Reuse The sysctl setting net.ipv4.tcp_tw_reuse. Changing this forces a new resource to be created.
- Net
Netfilter intNf Conntrack Buckets The sysctl setting net.netfilter.nf_conntrack_buckets. Must be between
65536
and147456
. Changing this forces a new resource to be created.- Net
Netfilter intNf Conntrack Max The sysctl setting net.netfilter.nf_conntrack_max. Must be between
131072
and1048576
. Changing this forces a new resource to be created.- Vm
Max intMap Count The sysctl setting vm.max_map_count. Must be between
65530
and262144
. Changing this forces a new resource to be created.- Vm
Swappiness int The sysctl setting vm.swappiness. Must be between
0
and100
. Changing this forces a new resource to be created.- Vm
Vfs intCache Pressure The sysctl setting vm.vfs_cache_pressure. Must be between
0
and100
. Changing this forces a new resource to be created.
- Fs
Aio intMax Nr The sysctl setting fs.aio-max-nr. Must be between
65536
and6553500
. Changing this forces a new resource to be created.- Fs
File intMax The sysctl setting fs.file-max. Must be between
8192
and12000500
. Changing this forces a new resource to be created.- Fs
Inotify intMax User Watches The sysctl setting fs.inotify.max_user_watches. Must be between
781250
and2097152
. Changing this forces a new resource to be created.- Fs
Nr intOpen The sysctl setting fs.nr_open. Must be between
8192
and20000500
. Changing this forces a new resource to be created.- Kernel
Threads intMax The sysctl setting kernel.threads-max. Must be between
20
and513785
. Changing this forces a new resource to be created.- Net
Core intNetdev Max Backlog The sysctl setting net.core.netdev_max_backlog. Must be between
1000
and3240000
. Changing this forces a new resource to be created.- Net
Core intOptmem Max The sysctl setting net.core.optmem_max. Must be between
20480
and4194304
. Changing this forces a new resource to be created.- Net
Core intRmem Default The sysctl setting net.core.rmem_default. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- Net
Core intRmem Max The sysctl setting net.core.rmem_max. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- Net
Core intSomaxconn The sysctl setting net.core.somaxconn. Must be between
4096
and3240000
. Changing this forces a new resource to be created.- Net
Core intWmem Default The sysctl setting net.core.wmem_default. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- Net
Core intWmem Max The sysctl setting net.core.wmem_max. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- Net
Ipv4Ip intLocal Port Range Max The sysctl setting net.ipv4.ip_local_port_range max value. Must be between
1024
and60999
. Changing this forces a new resource to be created.- Net
Ipv4Ip intLocal Port Range Min The sysctl setting net.ipv4.ip_local_port_range min value. Must be between
1024
and60999
. Changing this forces a new resource to be created.- Net
Ipv4Neigh intDefault Gc Thresh1 The sysctl setting net.ipv4.neigh.default.gc_thresh1. Must be between
128
and80000
. Changing this forces a new resource to be created.- Net
Ipv4Neigh intDefault Gc Thresh2 The sysctl setting net.ipv4.neigh.default.gc_thresh2. Must be between
512
and90000
. Changing this forces a new resource to be created.- Net
Ipv4Neigh intDefault Gc Thresh3 The sysctl setting net.ipv4.neigh.default.gc_thresh3. Must be between
1024
and100000
. Changing this forces a new resource to be created.- Net
Ipv4Tcp intFin Timeout The sysctl setting net.ipv4.tcp_fin_timeout. Must be between
5
and120
. Changing this forces a new resource to be created.- Net
Ipv4Tcp intKeepalive Intvl The sysctl setting net.ipv4.tcp_keepalive_intvl. Must be between
10
and75
. Changing this forces a new resource to be created.- Net
Ipv4Tcp intKeepalive Probes The sysctl setting net.ipv4.tcp_keepalive_probes. Must be between
1
and15
. Changing this forces a new resource to be created.- Net
Ipv4Tcp intKeepalive Time The sysctl setting net.ipv4.tcp_keepalive_time. Must be between
30
and432000
. Changing this forces a new resource to be created.- Net
Ipv4Tcp intMax Syn Backlog The sysctl setting net.ipv4.tcp_max_syn_backlog. Must be between
128
and3240000
. Changing this forces a new resource to be created.- Net
Ipv4Tcp intMax Tw Buckets The sysctl setting net.ipv4.tcp_max_tw_buckets. Must be between
8000
and1440000
. Changing this forces a new resource to be created.- Net
Ipv4Tcp boolTw Reuse The sysctl setting net.ipv4.tcp_tw_reuse. Changing this forces a new resource to be created.
- Net
Netfilter intNf Conntrack Buckets The sysctl setting net.netfilter.nf_conntrack_buckets. Must be between
65536
and147456
. Changing this forces a new resource to be created.- Net
Netfilter intNf Conntrack Max The sysctl setting net.netfilter.nf_conntrack_max. Must be between
131072
and1048576
. Changing this forces a new resource to be created.- Vm
Max intMap Count The sysctl setting vm.max_map_count. Must be between
65530
and262144
. Changing this forces a new resource to be created.- Vm
Swappiness int The sysctl setting vm.swappiness. Must be between
0
and100
. Changing this forces a new resource to be created.- Vm
Vfs intCache Pressure The sysctl setting vm.vfs_cache_pressure. Must be between
0
and100
. Changing this forces a new resource to be created.
- fs
Aio IntegerMax Nr The sysctl setting fs.aio-max-nr. Must be between
65536
and6553500
. Changing this forces a new resource to be created.- fs
File IntegerMax The sysctl setting fs.file-max. Must be between
8192
and12000500
. Changing this forces a new resource to be created.- fs
Inotify IntegerMax User Watches The sysctl setting fs.inotify.max_user_watches. Must be between
781250
and2097152
. Changing this forces a new resource to be created.- fs
Nr IntegerOpen The sysctl setting fs.nr_open. Must be between
8192
and20000500
. Changing this forces a new resource to be created.- kernel
Threads IntegerMax The sysctl setting kernel.threads-max. Must be between
20
and513785
. Changing this forces a new resource to be created.- net
Core IntegerNetdev Max Backlog The sysctl setting net.core.netdev_max_backlog. Must be between
1000
and3240000
. Changing this forces a new resource to be created.- net
Core IntegerOptmem Max The sysctl setting net.core.optmem_max. Must be between
20480
and4194304
. Changing this forces a new resource to be created.- net
Core IntegerRmem Default The sysctl setting net.core.rmem_default. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net
Core IntegerRmem Max The sysctl setting net.core.rmem_max. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net
Core IntegerSomaxconn The sysctl setting net.core.somaxconn. Must be between
4096
and3240000
. Changing this forces a new resource to be created.- net
Core IntegerWmem Default The sysctl setting net.core.wmem_default. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net
Core IntegerWmem Max The sysctl setting net.core.wmem_max. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net
Ipv4Ip IntegerLocal Port Range Max The sysctl setting net.ipv4.ip_local_port_range max value. Must be between
1024
and60999
. Changing this forces a new resource to be created.- net
Ipv4Ip IntegerLocal Port Range Min The sysctl setting net.ipv4.ip_local_port_range min value. Must be between
1024
and60999
. Changing this forces a new resource to be created.- net
Ipv4Neigh IntegerDefault Gc Thresh1 The sysctl setting net.ipv4.neigh.default.gc_thresh1. Must be between
128
and80000
. Changing this forces a new resource to be created.- net
Ipv4Neigh IntegerDefault Gc Thresh2 The sysctl setting net.ipv4.neigh.default.gc_thresh2. Must be between
512
and90000
. Changing this forces a new resource to be created.- net
Ipv4Neigh IntegerDefault Gc Thresh3 The sysctl setting net.ipv4.neigh.default.gc_thresh3. Must be between
1024
and100000
. Changing this forces a new resource to be created.- net
Ipv4Tcp IntegerFin Timeout The sysctl setting net.ipv4.tcp_fin_timeout. Must be between
5
and120
. Changing this forces a new resource to be created.- net
Ipv4Tcp IntegerKeepalive Intvl The sysctl setting net.ipv4.tcp_keepalive_intvl. Must be between
10
and75
. Changing this forces a new resource to be created.- net
Ipv4Tcp IntegerKeepalive Probes The sysctl setting net.ipv4.tcp_keepalive_probes. Must be between
1
and15
. Changing this forces a new resource to be created.- net
Ipv4Tcp IntegerKeepalive Time The sysctl setting net.ipv4.tcp_keepalive_time. Must be between
30
and432000
. Changing this forces a new resource to be created.- net
Ipv4Tcp IntegerMax Syn Backlog The sysctl setting net.ipv4.tcp_max_syn_backlog. Must be between
128
and3240000
. Changing this forces a new resource to be created.- net
Ipv4Tcp IntegerMax Tw Buckets The sysctl setting net.ipv4.tcp_max_tw_buckets. Must be between
8000
and1440000
. Changing this forces a new resource to be created.- net
Ipv4Tcp BooleanTw Reuse The sysctl setting net.ipv4.tcp_tw_reuse. Changing this forces a new resource to be created.
- net
Netfilter IntegerNf Conntrack Buckets The sysctl setting net.netfilter.nf_conntrack_buckets. Must be between
65536
and147456
. Changing this forces a new resource to be created.- net
Netfilter IntegerNf Conntrack Max The sysctl setting net.netfilter.nf_conntrack_max. Must be between
131072
and1048576
. Changing this forces a new resource to be created.- vm
Max IntegerMap Count The sysctl setting vm.max_map_count. Must be between
65530
and262144
. Changing this forces a new resource to be created.- vm
Swappiness Integer The sysctl setting vm.swappiness. Must be between
0
and100
. Changing this forces a new resource to be created.- vm
Vfs IntegerCache Pressure The sysctl setting vm.vfs_cache_pressure. Must be between
0
and100
. Changing this forces a new resource to be created.
- fs
Aio numberMax Nr The sysctl setting fs.aio-max-nr. Must be between
65536
and6553500
. Changing this forces a new resource to be created.- fs
File numberMax The sysctl setting fs.file-max. Must be between
8192
and12000500
. Changing this forces a new resource to be created.- fs
Inotify numberMax User Watches The sysctl setting fs.inotify.max_user_watches. Must be between
781250
and2097152
. Changing this forces a new resource to be created.- fs
Nr numberOpen The sysctl setting fs.nr_open. Must be between
8192
and20000500
. Changing this forces a new resource to be created.- kernel
Threads numberMax The sysctl setting kernel.threads-max. Must be between
20
and513785
. Changing this forces a new resource to be created.- net
Core numberNetdev Max Backlog The sysctl setting net.core.netdev_max_backlog. Must be between
1000
and3240000
. Changing this forces a new resource to be created.- net
Core numberOptmem Max The sysctl setting net.core.optmem_max. Must be between
20480
and4194304
. Changing this forces a new resource to be created.- net
Core numberRmem Default The sysctl setting net.core.rmem_default. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net
Core numberRmem Max The sysctl setting net.core.rmem_max. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net
Core numberSomaxconn The sysctl setting net.core.somaxconn. Must be between
4096
and3240000
. Changing this forces a new resource to be created.- net
Core numberWmem Default The sysctl setting net.core.wmem_default. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net
Core numberWmem Max The sysctl setting net.core.wmem_max. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net
Ipv4Ip numberLocal Port Range Max The sysctl setting net.ipv4.ip_local_port_range max value. Must be between
1024
and60999
. Changing this forces a new resource to be created.- net
Ipv4Ip numberLocal Port Range Min The sysctl setting net.ipv4.ip_local_port_range min value. Must be between
1024
and60999
. Changing this forces a new resource to be created.- net
Ipv4Neigh numberDefault Gc Thresh1 The sysctl setting net.ipv4.neigh.default.gc_thresh1. Must be between
128
and80000
. Changing this forces a new resource to be created.- net
Ipv4Neigh numberDefault Gc Thresh2 The sysctl setting net.ipv4.neigh.default.gc_thresh2. Must be between
512
and90000
. Changing this forces a new resource to be created.- net
Ipv4Neigh numberDefault Gc Thresh3 The sysctl setting net.ipv4.neigh.default.gc_thresh3. Must be between
1024
and100000
. Changing this forces a new resource to be created.- net
Ipv4Tcp numberFin Timeout The sysctl setting net.ipv4.tcp_fin_timeout. Must be between
5
and120
. Changing this forces a new resource to be created.- net
Ipv4Tcp numberKeepalive Intvl The sysctl setting net.ipv4.tcp_keepalive_intvl. Must be between
10
and75
. Changing this forces a new resource to be created.- net
Ipv4Tcp numberKeepalive Probes The sysctl setting net.ipv4.tcp_keepalive_probes. Must be between
1
and15
. Changing this forces a new resource to be created.- net
Ipv4Tcp numberKeepalive Time The sysctl setting net.ipv4.tcp_keepalive_time. Must be between
30
and432000
. Changing this forces a new resource to be created.- net
Ipv4Tcp numberMax Syn Backlog The sysctl setting net.ipv4.tcp_max_syn_backlog. Must be between
128
and3240000
. Changing this forces a new resource to be created.- net
Ipv4Tcp numberMax Tw Buckets The sysctl setting net.ipv4.tcp_max_tw_buckets. Must be between
8000
and1440000
. Changing this forces a new resource to be created.- net
Ipv4Tcp booleanTw Reuse The sysctl setting net.ipv4.tcp_tw_reuse. Changing this forces a new resource to be created.
- net
Netfilter numberNf Conntrack Buckets The sysctl setting net.netfilter.nf_conntrack_buckets. Must be between
65536
and147456
. Changing this forces a new resource to be created.- net
Netfilter numberNf Conntrack Max The sysctl setting net.netfilter.nf_conntrack_max. Must be between
131072
and1048576
. Changing this forces a new resource to be created.- vm
Max numberMap Count The sysctl setting vm.max_map_count. Must be between
65530
and262144
. Changing this forces a new resource to be created.- vm
Swappiness number The sysctl setting vm.swappiness. Must be between
0
and100
. Changing this forces a new resource to be created.- vm
Vfs numberCache Pressure The sysctl setting vm.vfs_cache_pressure. Must be between
0
and100
. Changing this forces a new resource to be created.
- fs_
aio_ intmax_ nr The sysctl setting fs.aio-max-nr. Must be between
65536
and6553500
. Changing this forces a new resource to be created.- fs_
file_ intmax The sysctl setting fs.file-max. Must be between
8192
and12000500
. Changing this forces a new resource to be created.- fs_
inotify_ intmax_ user_ watches The sysctl setting fs.inotify.max_user_watches. Must be between
781250
and2097152
. Changing this forces a new resource to be created.- fs_
nr_ intopen The sysctl setting fs.nr_open. Must be between
8192
and20000500
. Changing this forces a new resource to be created.- kernel_
threads_ intmax The sysctl setting kernel.threads-max. Must be between
20
and513785
. Changing this forces a new resource to be created.- net_
core_ intnetdev_ max_ backlog The sysctl setting net.core.netdev_max_backlog. Must be between
1000
and3240000
. Changing this forces a new resource to be created.- net_
core_ intoptmem_ max The sysctl setting net.core.optmem_max. Must be between
20480
and4194304
. Changing this forces a new resource to be created.- net_
core_ intrmem_ default The sysctl setting net.core.rmem_default. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net_
core_ intrmem_ max The sysctl setting net.core.rmem_max. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net_
core_ intsomaxconn The sysctl setting net.core.somaxconn. Must be between
4096
and3240000
. Changing this forces a new resource to be created.- net_
core_ intwmem_ default The sysctl setting net.core.wmem_default. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net_
core_ intwmem_ max The sysctl setting net.core.wmem_max. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net_
ipv4_ intip_ local_ port_ range_ max The sysctl setting net.ipv4.ip_local_port_range max value. Must be between
1024
and60999
. Changing this forces a new resource to be created.- net_
ipv4_ intip_ local_ port_ range_ min The sysctl setting net.ipv4.ip_local_port_range min value. Must be between
1024
and60999
. Changing this forces a new resource to be created.- net_
ipv4_ intneigh_ default_ gc_ thresh1 The sysctl setting net.ipv4.neigh.default.gc_thresh1. Must be between
128
and80000
. Changing this forces a new resource to be created.- net_
ipv4_ intneigh_ default_ gc_ thresh2 The sysctl setting net.ipv4.neigh.default.gc_thresh2. Must be between
512
and90000
. Changing this forces a new resource to be created.- net_
ipv4_ intneigh_ default_ gc_ thresh3 The sysctl setting net.ipv4.neigh.default.gc_thresh3. Must be between
1024
and100000
. Changing this forces a new resource to be created.- net_
ipv4_ inttcp_ fin_ timeout The sysctl setting net.ipv4.tcp_fin_timeout. Must be between
5
and120
. Changing this forces a new resource to be created.- net_
ipv4_ inttcp_ keepalive_ intvl The sysctl setting net.ipv4.tcp_keepalive_intvl. Must be between
10
and75
. Changing this forces a new resource to be created.- net_
ipv4_ inttcp_ keepalive_ probes The sysctl setting net.ipv4.tcp_keepalive_probes. Must be between
1
and15
. Changing this forces a new resource to be created.- net_
ipv4_ inttcp_ keepalive_ time The sysctl setting net.ipv4.tcp_keepalive_time. Must be between
30
and432000
. Changing this forces a new resource to be created.- net_
ipv4_ inttcp_ max_ syn_ backlog The sysctl setting net.ipv4.tcp_max_syn_backlog. Must be between
128
and3240000
. Changing this forces a new resource to be created.- net_
ipv4_ inttcp_ max_ tw_ buckets The sysctl setting net.ipv4.tcp_max_tw_buckets. Must be between
8000
and1440000
. Changing this forces a new resource to be created.- net_
ipv4_ booltcp_ tw_ reuse The sysctl setting net.ipv4.tcp_tw_reuse. Changing this forces a new resource to be created.
- net_
netfilter_ intnf_ conntrack_ buckets The sysctl setting net.netfilter.nf_conntrack_buckets. Must be between
65536
and147456
. Changing this forces a new resource to be created.- net_
netfilter_ intnf_ conntrack_ max The sysctl setting net.netfilter.nf_conntrack_max. Must be between
131072
and1048576
. Changing this forces a new resource to be created.- vm_
max_ intmap_ count The sysctl setting vm.max_map_count. Must be between
65530
and262144
. Changing this forces a new resource to be created.- vm_
swappiness int The sysctl setting vm.swappiness. Must be between
0
and100
. Changing this forces a new resource to be created.- vm_
vfs_ intcache_ pressure The sysctl setting vm.vfs_cache_pressure. Must be between
0
and100
. Changing this forces a new resource to be created.
- fs
Aio NumberMax Nr The sysctl setting fs.aio-max-nr. Must be between
65536
and6553500
. Changing this forces a new resource to be created.- fs
File NumberMax The sysctl setting fs.file-max. Must be between
8192
and12000500
. Changing this forces a new resource to be created.- fs
Inotify NumberMax User Watches The sysctl setting fs.inotify.max_user_watches. Must be between
781250
and2097152
. Changing this forces a new resource to be created.- fs
Nr NumberOpen The sysctl setting fs.nr_open. Must be between
8192
and20000500
. Changing this forces a new resource to be created.- kernel
Threads NumberMax The sysctl setting kernel.threads-max. Must be between
20
and513785
. Changing this forces a new resource to be created.- net
Core NumberNetdev Max Backlog The sysctl setting net.core.netdev_max_backlog. Must be between
1000
and3240000
. Changing this forces a new resource to be created.- net
Core NumberOptmem Max The sysctl setting net.core.optmem_max. Must be between
20480
and4194304
. Changing this forces a new resource to be created.- net
Core NumberRmem Default The sysctl setting net.core.rmem_default. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net
Core NumberRmem Max The sysctl setting net.core.rmem_max. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net
Core NumberSomaxconn The sysctl setting net.core.somaxconn. Must be between
4096
and3240000
. Changing this forces a new resource to be created.- net
Core NumberWmem Default The sysctl setting net.core.wmem_default. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net
Core NumberWmem Max The sysctl setting net.core.wmem_max. Must be between
212992
and134217728
. Changing this forces a new resource to be created.- net
Ipv4Ip NumberLocal Port Range Max The sysctl setting net.ipv4.ip_local_port_range max value. Must be between
1024
and60999
. Changing this forces a new resource to be created.- net
Ipv4Ip NumberLocal Port Range Min The sysctl setting net.ipv4.ip_local_port_range min value. Must be between
1024
and60999
. Changing this forces a new resource to be created.- net
Ipv4Neigh NumberDefault Gc Thresh1 The sysctl setting net.ipv4.neigh.default.gc_thresh1. Must be between
128
and80000
. Changing this forces a new resource to be created.- net
Ipv4Neigh NumberDefault Gc Thresh2 The sysctl setting net.ipv4.neigh.default.gc_thresh2. Must be between
512
and90000
. Changing this forces a new resource to be created.- net
Ipv4Neigh NumberDefault Gc Thresh3 The sysctl setting net.ipv4.neigh.default.gc_thresh3. Must be between
1024
and100000
. Changing this forces a new resource to be created.- net
Ipv4Tcp NumberFin Timeout The sysctl setting net.ipv4.tcp_fin_timeout. Must be between
5
and120
. Changing this forces a new resource to be created.- net
Ipv4Tcp NumberKeepalive Intvl The sysctl setting net.ipv4.tcp_keepalive_intvl. Must be between
10
and75
. Changing this forces a new resource to be created.- net
Ipv4Tcp NumberKeepalive Probes The sysctl setting net.ipv4.tcp_keepalive_probes. Must be between
1
and15
. Changing this forces a new resource to be created.- net
Ipv4Tcp NumberKeepalive Time The sysctl setting net.ipv4.tcp_keepalive_time. Must be between
30
and432000
. Changing this forces a new resource to be created.- net
Ipv4Tcp NumberMax Syn Backlog The sysctl setting net.ipv4.tcp_max_syn_backlog. Must be between
128
and3240000
. Changing this forces a new resource to be created.- net
Ipv4Tcp NumberMax Tw Buckets The sysctl setting net.ipv4.tcp_max_tw_buckets. Must be between
8000
and1440000
. Changing this forces a new resource to be created.- net
Ipv4Tcp BooleanTw Reuse The sysctl setting net.ipv4.tcp_tw_reuse. Changing this forces a new resource to be created.
- net
Netfilter NumberNf Conntrack Buckets The sysctl setting net.netfilter.nf_conntrack_buckets. Must be between
65536
and147456
. Changing this forces a new resource to be created.- net
Netfilter NumberNf Conntrack Max The sysctl setting net.netfilter.nf_conntrack_max. Must be between
131072
and1048576
. Changing this forces a new resource to be created.- vm
Max NumberMap Count The sysctl setting vm.max_map_count. Must be between
65530
and262144
. Changing this forces a new resource to be created.- vm
Swappiness Number The sysctl setting vm.swappiness. Must be between
0
and100
. Changing this forces a new resource to be created.- vm
Vfs NumberCache Pressure The sysctl setting vm.vfs_cache_pressure. Must be between
0
and100
. Changing this forces a new resource to be created.
KubernetesClusterDefaultNodePoolNodeNetworkProfile
- Dictionary<string, string>
Specifies a mapping of tags to the instance-level public IPs. Changing this forces a new resource to be created.
- map[string]string
Specifies a mapping of tags to the instance-level public IPs. Changing this forces a new resource to be created.
- Map<String,String>
Specifies a mapping of tags to the instance-level public IPs. Changing this forces a new resource to be created.
- {[key: string]: string}
Specifies a mapping of tags to the instance-level public IPs. Changing this forces a new resource to be created.
- Mapping[str, str]
Specifies a mapping of tags to the instance-level public IPs. Changing this forces a new resource to be created.
- Map<String>
Specifies a mapping of tags to the instance-level public IPs. Changing this forces a new resource to be created.
KubernetesClusterDefaultNodePoolUpgradeSettings
- Max
Surge string The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade.
- Max
Surge string The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade.
- max
Surge String The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade.
- max
Surge string The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade.
- max_
surge str The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade.
- max
Surge String The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade.
KubernetesClusterHttpProxyConfig
- Http
Proxy string The proxy address to be used when communicating over HTTP. Changing this forces a new resource to be created.
- Https
Proxy string The proxy address to be used when communicating over HTTPS. Changing this forces a new resource to be created.
- No
Proxies List<string> The list of domains that will not use the proxy for communication. Changing this forces a new resource to be created.
- Trusted
Ca string The base64 encoded alternative CA certificate content in PEM format.
- Http
Proxy string The proxy address to be used when communicating over HTTP. Changing this forces a new resource to be created.
- Https
Proxy string The proxy address to be used when communicating over HTTPS. Changing this forces a new resource to be created.
- No
Proxies []string The list of domains that will not use the proxy for communication. Changing this forces a new resource to be created.
- Trusted
Ca string The base64 encoded alternative CA certificate content in PEM format.
- http
Proxy String The proxy address to be used when communicating over HTTP. Changing this forces a new resource to be created.
- https
Proxy String The proxy address to be used when communicating over HTTPS. Changing this forces a new resource to be created.
- no
Proxies List<String> The list of domains that will not use the proxy for communication. Changing this forces a new resource to be created.
- trusted
Ca String The base64 encoded alternative CA certificate content in PEM format.
- http
Proxy string The proxy address to be used when communicating over HTTP. Changing this forces a new resource to be created.
- https
Proxy string The proxy address to be used when communicating over HTTPS. Changing this forces a new resource to be created.
- no
Proxies string[] The list of domains that will not use the proxy for communication. Changing this forces a new resource to be created.
- trusted
Ca string The base64 encoded alternative CA certificate content in PEM format.
- http_
proxy str The proxy address to be used when communicating over HTTP. Changing this forces a new resource to be created.
- https_
proxy str The proxy address to be used when communicating over HTTPS. Changing this forces a new resource to be created.
- no_
proxies Sequence[str] The list of domains that will not use the proxy for communication. Changing this forces a new resource to be created.
- trusted_
ca str The base64 encoded alternative CA certificate content in PEM format.
- http
Proxy String The proxy address to be used when communicating over HTTP. Changing this forces a new resource to be created.
- https
Proxy String The proxy address to be used when communicating over HTTPS. Changing this forces a new resource to be created.
- no
Proxies List<String> The list of domains that will not use the proxy for communication. Changing this forces a new resource to be created.
- trusted
Ca String The base64 encoded alternative CA certificate content in PEM format.
KubernetesClusterIdentity
- Type string
Specifies the type of Managed Service Identity that should be configured on this Kubernetes Cluster. Possible values are
SystemAssigned
orUserAssigned
.- Identity
Ids List<string> Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.
- Principal
Id string The Principal ID associated with this Managed Service Identity.
- Tenant
Id string The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.
- Type string
Specifies the type of Managed Service Identity that should be configured on this Kubernetes Cluster. Possible values are
SystemAssigned
orUserAssigned
.- Identity
Ids []string Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.
- Principal
Id string The Principal ID associated with this Managed Service Identity.
- Tenant
Id string The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.
- type String
Specifies the type of Managed Service Identity that should be configured on this Kubernetes Cluster. Possible values are
SystemAssigned
orUserAssigned
.- identity
Ids List<String> Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.
- principal
Id String The Principal ID associated with this Managed Service Identity.
- tenant
Id String The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.
- type string
Specifies the type of Managed Service Identity that should be configured on this Kubernetes Cluster. Possible values are
SystemAssigned
orUserAssigned
.- identity
Ids string[] Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.
- principal
Id string The Principal ID associated with this Managed Service Identity.
- tenant
Id string The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.
- type str
Specifies the type of Managed Service Identity that should be configured on this Kubernetes Cluster. Possible values are
SystemAssigned
orUserAssigned
.- identity_
ids Sequence[str] Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.
- principal_
id str The Principal ID associated with this Managed Service Identity.
- tenant_
id str The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.
- type String
Specifies the type of Managed Service Identity that should be configured on this Kubernetes Cluster. Possible values are
SystemAssigned
orUserAssigned
.- identity
Ids List<String> Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.
- principal
Id String The Principal ID associated with this Managed Service Identity.
- tenant
Id String The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.
KubernetesClusterIngressApplicationGateway
- Effective
Gateway stringId The ID of the Application Gateway associated with the ingress controller deployed to this Kubernetes Cluster.
- Gateway
Id string The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. See this page for further details.
- Gateway
Name string The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- Ingress
Application List<KubernetesGateway Identities Cluster Ingress Application Gateway Ingress Application Gateway Identity> An
ingress_application_gateway_identity
block is exported. The exported attributes are defined below.- Subnet
Cidr string The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- Subnet
Id string The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- Effective
Gateway stringId The ID of the Application Gateway associated with the ingress controller deployed to this Kubernetes Cluster.
- Gateway
Id string The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. See this page for further details.
- Gateway
Name string The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- Ingress
Application []KubernetesGateway Identities Cluster Ingress Application Gateway Ingress Application Gateway Identity An
ingress_application_gateway_identity
block is exported. The exported attributes are defined below.- Subnet
Cidr string The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- Subnet
Id string The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- effective
Gateway StringId The ID of the Application Gateway associated with the ingress controller deployed to this Kubernetes Cluster.
- gateway
Id String The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. See this page for further details.
- gateway
Name String The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- ingress
Application List<KubernetesGateway Identities Cluster Ingress Application Gateway Ingress Application Gateway Identity> An
ingress_application_gateway_identity
block is exported. The exported attributes are defined below.- subnet
Cidr String The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- subnet
Id String The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- effective
Gateway stringId The ID of the Application Gateway associated with the ingress controller deployed to this Kubernetes Cluster.
- gateway
Id string The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. See this page for further details.
- gateway
Name string The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- ingress
Application KubernetesGateway Identities Cluster Ingress Application Gateway Ingress Application Gateway Identity[] An
ingress_application_gateway_identity
block is exported. The exported attributes are defined below.- subnet
Cidr string The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- subnet
Id string The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- effective_
gateway_ strid The ID of the Application Gateway associated with the ingress controller deployed to this Kubernetes Cluster.
- gateway_
id str The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. See this page for further details.
- gateway_
name str The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- ingress_
application_ Sequence[Kubernetesgateway_ identities Cluster Ingress Application Gateway Ingress Application Gateway Identity] An
ingress_application_gateway_identity
block is exported. The exported attributes are defined below.- subnet_
cidr str The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- subnet_
id str The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- effective
Gateway StringId The ID of the Application Gateway associated with the ingress controller deployed to this Kubernetes Cluster.
- gateway
Id String The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. See this page for further details.
- gateway
Name String The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- ingress
Application List<Property Map>Gateway Identities An
ingress_application_gateway_identity
block is exported. The exported attributes are defined below.- subnet
Cidr String The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
- subnet
Id String The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.
KubernetesClusterIngressApplicationGatewayIngressApplicationGatewayIdentity
- Client
Id string The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- Object
Id string The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- User
Assigned stringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- Client
Id string The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- Object
Id string The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- User
Assigned stringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client
Id String The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object
Id String The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user
Assigned StringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client
Id string The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object
Id string The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user
Assigned stringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client_
id str The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object_
id str The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user_
assigned_ stridentity_ id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client
Id String The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object
Id String The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user
Assigned StringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
KubernetesClusterKeyManagementService
- Key
Vault stringKey Id Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When
enabled
isfalse
, leave the field empty.- Key
Vault stringNetwork Access Network access of the key vault Network access of key vault. The possible values are
Public
andPrivate
.Public
means the key vault allows public access from all networks.Private
means the key vault disables public access and enables private link. The default value isPublic
.
- Key
Vault stringKey Id Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When
enabled
isfalse
, leave the field empty.- Key
Vault stringNetwork Access Network access of the key vault Network access of key vault. The possible values are
Public
andPrivate
.Public
means the key vault allows public access from all networks.Private
means the key vault disables public access and enables private link. The default value isPublic
.
- key
Vault StringKey Id Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When
enabled
isfalse
, leave the field empty.- key
Vault StringNetwork Access Network access of the key vault Network access of key vault. The possible values are
Public
andPrivate
.Public
means the key vault allows public access from all networks.Private
means the key vault disables public access and enables private link. The default value isPublic
.
- key
Vault stringKey Id Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When
enabled
isfalse
, leave the field empty.- key
Vault stringNetwork Access Network access of the key vault Network access of key vault. The possible values are
Public
andPrivate
.Public
means the key vault allows public access from all networks.Private
means the key vault disables public access and enables private link. The default value isPublic
.
- key_
vault_ strkey_ id Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When
enabled
isfalse
, leave the field empty.- key_
vault_ strnetwork_ access Network access of the key vault Network access of key vault. The possible values are
Public
andPrivate
.Public
means the key vault allows public access from all networks.Private
means the key vault disables public access and enables private link. The default value isPublic
.
- key
Vault StringKey Id Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When
enabled
isfalse
, leave the field empty.- key
Vault StringNetwork Access Network access of the key vault Network access of key vault. The possible values are
Public
andPrivate
.Public
means the key vault allows public access from all networks.Private
means the key vault disables public access and enables private link. The default value isPublic
.
KubernetesClusterKeyVaultSecretsProvider
- Secret
Identities List<KubernetesCluster Key Vault Secrets Provider Secret Identity> An
secret_identity
block is exported. The exported attributes are defined below.- Secret
Rotation boolEnabled Should the secret store CSI driver on the AKS cluster be enabled?
- Secret
Rotation stringInterval The interval to poll for secret rotation. This attribute is only set when
secret_rotation
is true and defaults to2m
.
- Secret
Identities []KubernetesCluster Key Vault Secrets Provider Secret Identity An
secret_identity
block is exported. The exported attributes are defined below.- Secret
Rotation boolEnabled Should the secret store CSI driver on the AKS cluster be enabled?
- Secret
Rotation stringInterval The interval to poll for secret rotation. This attribute is only set when
secret_rotation
is true and defaults to2m
.
- secret
Identities List<KubernetesCluster Key Vault Secrets Provider Secret Identity> An
secret_identity
block is exported. The exported attributes are defined below.- secret
Rotation BooleanEnabled Should the secret store CSI driver on the AKS cluster be enabled?
- secret
Rotation StringInterval The interval to poll for secret rotation. This attribute is only set when
secret_rotation
is true and defaults to2m
.
- secret
Identities KubernetesCluster Key Vault Secrets Provider Secret Identity[] An
secret_identity
block is exported. The exported attributes are defined below.- secret
Rotation booleanEnabled Should the secret store CSI driver on the AKS cluster be enabled?
- secret
Rotation stringInterval The interval to poll for secret rotation. This attribute is only set when
secret_rotation
is true and defaults to2m
.
- secret_
identities Sequence[KubernetesCluster Key Vault Secrets Provider Secret Identity] An
secret_identity
block is exported. The exported attributes are defined below.- secret_
rotation_ boolenabled Should the secret store CSI driver on the AKS cluster be enabled?
- secret_
rotation_ strinterval The interval to poll for secret rotation. This attribute is only set when
secret_rotation
is true and defaults to2m
.
- secret
Identities List<Property Map> An
secret_identity
block is exported. The exported attributes are defined below.- secret
Rotation BooleanEnabled Should the secret store CSI driver on the AKS cluster be enabled?
- secret
Rotation StringInterval The interval to poll for secret rotation. This attribute is only set when
secret_rotation
is true and defaults to2m
.
KubernetesClusterKeyVaultSecretsProviderSecretIdentity
- Client
Id string The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- Object
Id string The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- User
Assigned stringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- Client
Id string The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- Object
Id string The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- User
Assigned stringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client
Id String The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object
Id String The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user
Assigned StringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client
Id string The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object
Id string The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user
Assigned stringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client_
id str The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object_
id str The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user_
assigned_ stridentity_ id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client
Id String The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object
Id String The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user
Assigned StringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
KubernetesClusterKubeAdminConfig
- Client
Certificate string Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.
- Client
Key string Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.
- Cluster
Ca stringCertificate Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.
- Host string
The Kubernetes cluster server host.
- Password string
A password or token used to authenticate to the Kubernetes cluster.
- Username string
A username used to authenticate to the Kubernetes cluster.
- Client
Certificate string Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.
- Client
Key string Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.
- Cluster
Ca stringCertificate Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.
- Host string
The Kubernetes cluster server host.
- Password string
A password or token used to authenticate to the Kubernetes cluster.
- Username string
A username used to authenticate to the Kubernetes cluster.
- client
Certificate String Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.
- client
Key String Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.
- cluster
Ca StringCertificate Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.
- host String
The Kubernetes cluster server host.
- password String
A password or token used to authenticate to the Kubernetes cluster.
- username String
A username used to authenticate to the Kubernetes cluster.
- client
Certificate string Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.
- client
Key string Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.
- cluster
Ca stringCertificate Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.
- host string
The Kubernetes cluster server host.
- password string
A password or token used to authenticate to the Kubernetes cluster.
- username string
A username used to authenticate to the Kubernetes cluster.
- client_
certificate str Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.
- client_
key str Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.
- cluster_
ca_ strcertificate Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.
- host str
The Kubernetes cluster server host.
- password str
A password or token used to authenticate to the Kubernetes cluster.
- username str
A username used to authenticate to the Kubernetes cluster.
- client
Certificate String Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.
- client
Key String Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.
- cluster
Ca StringCertificate Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.
- host String
The Kubernetes cluster server host.
- password String
A password or token used to authenticate to the Kubernetes cluster.
- username String
A username used to authenticate to the Kubernetes cluster.
KubernetesClusterKubeConfig
- Client
Certificate string Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.
- Client
Key string Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.
- Cluster
Ca stringCertificate Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.
- Host string
The Kubernetes cluster server host.
- Password string
A password or token used to authenticate to the Kubernetes cluster.
- Username string
A username used to authenticate to the Kubernetes cluster.
- Client
Certificate string Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.
- Client
Key string Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.
- Cluster
Ca stringCertificate Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.
- Host string
The Kubernetes cluster server host.
- Password string
A password or token used to authenticate to the Kubernetes cluster.
- Username string
A username used to authenticate to the Kubernetes cluster.
- client
Certificate String Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.
- client
Key String Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.
- cluster
Ca StringCertificate Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.
- host String
The Kubernetes cluster server host.
- password String
A password or token used to authenticate to the Kubernetes cluster.
- username String
A username used to authenticate to the Kubernetes cluster.
- client
Certificate string Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.
- client
Key string Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.
- cluster
Ca stringCertificate Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.
- host string
The Kubernetes cluster server host.
- password string
A password or token used to authenticate to the Kubernetes cluster.
- username string
A username used to authenticate to the Kubernetes cluster.
- client_
certificate str Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.
- client_
key str Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.
- cluster_
ca_ strcertificate Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.
- host str
The Kubernetes cluster server host.
- password str
A password or token used to authenticate to the Kubernetes cluster.
- username str
A username used to authenticate to the Kubernetes cluster.
- client
Certificate String Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.
- client
Key String Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.
- cluster
Ca StringCertificate Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.
- host String
The Kubernetes cluster server host.
- password String
A password or token used to authenticate to the Kubernetes cluster.
- username String
A username used to authenticate to the Kubernetes cluster.
KubernetesClusterKubeletIdentity
- Client
Id string The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- Object
Id string The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- User
Assigned stringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- Client
Id string The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- Object
Id string The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- User
Assigned stringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client
Id String The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object
Id String The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user
Assigned StringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client
Id string The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object
Id string The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user
Assigned stringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client_
id str The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object_
id str The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user_
assigned_ stridentity_ id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- client
Id String The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- object
Id String The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
- user
Assigned StringIdentity Id The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.
KubernetesClusterLinuxProfile
- Admin
Username string The Admin Username for the Cluster. Changing this forces a new resource to be created.
- Ssh
Key KubernetesCluster Linux Profile Ssh Key An
ssh_key
block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.
- Admin
Username string The Admin Username for the Cluster. Changing this forces a new resource to be created.
- Ssh
Key KubernetesCluster Linux Profile Ssh Key An
ssh_key
block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.
- admin
Username String The Admin Username for the Cluster. Changing this forces a new resource to be created.
- ssh
Key KubernetesCluster Linux Profile Ssh Key An
ssh_key
block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.
- admin
Username string The Admin Username for the Cluster. Changing this forces a new resource to be created.
- ssh
Key KubernetesCluster Linux Profile Ssh Key An
ssh_key
block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.
- admin_
username str The Admin Username for the Cluster. Changing this forces a new resource to be created.
- ssh_
key KubernetesCluster Linux Profile Ssh Key An
ssh_key
block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.
- admin
Username String The Admin Username for the Cluster. Changing this forces a new resource to be created.
- ssh
Key Property Map An
ssh_key
block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.
KubernetesClusterLinuxProfileSshKey
- Key
Data string The Public SSH Key used to access the cluster.
- Key
Data string The Public SSH Key used to access the cluster.
- key
Data String The Public SSH Key used to access the cluster.
- key
Data string The Public SSH Key used to access the cluster.
- key_
data str The Public SSH Key used to access the cluster.
- key
Data String The Public SSH Key used to access the cluster.
KubernetesClusterMaintenanceWindow
- Alloweds
List<Kubernetes
Cluster Maintenance Window Allowed> One or more
allowed
blocks as defined below.- Not
Alloweds List<KubernetesCluster Maintenance Window Not Allowed> One or more
not_allowed
block as defined below.
- Alloweds
[]Kubernetes
Cluster Maintenance Window Allowed One or more
allowed
blocks as defined below.- Not
Alloweds []KubernetesCluster Maintenance Window Not Allowed One or more
not_allowed
block as defined below.
- alloweds
List<Kubernetes
Cluster Maintenance Window Allowed> One or more
allowed
blocks as defined below.- not
Alloweds List<KubernetesCluster Maintenance Window Not Allowed> One or more
not_allowed
block as defined below.
- alloweds
Kubernetes
Cluster Maintenance Window Allowed[] One or more
allowed
blocks as defined below.- not
Alloweds KubernetesCluster Maintenance Window Not Allowed[] One or more
not_allowed
block as defined below.
- alloweds
Sequence[Kubernetes
Cluster Maintenance Window Allowed] One or more
allowed
blocks as defined below.- not_
alloweds Sequence[KubernetesCluster Maintenance Window Not Allowed] One or more
not_allowed
block as defined below.
- alloweds List<Property Map>
One or more
allowed
blocks as defined below.- not
Alloweds List<Property Map> One or more
not_allowed
block as defined below.
KubernetesClusterMaintenanceWindowAllowed
- Day string
A day in a week. Possible values are
Sunday
,Monday
,Tuesday
,Wednesday
,Thursday
,Friday
andSaturday
.- Hours List<int>
An array of hour slots in a day. For example, specifying
1
will allow maintenance from 1:00am to 2:00am. Specifying1
,2
will allow maintenance from 1:00am to 3:00m. Possible values are between0
and23
.
- Day string
A day in a week. Possible values are
Sunday
,Monday
,Tuesday
,Wednesday
,Thursday
,Friday
andSaturday
.- Hours []int
An array of hour slots in a day. For example, specifying
1
will allow maintenance from 1:00am to 2:00am. Specifying1
,2
will allow maintenance from 1:00am to 3:00m. Possible values are between0
and23
.
- day String
A day in a week. Possible values are
Sunday
,Monday
,Tuesday
,Wednesday
,Thursday
,Friday
andSaturday
.- hours List<Integer>
An array of hour slots in a day. For example, specifying
1
will allow maintenance from 1:00am to 2:00am. Specifying1
,2
will allow maintenance from 1:00am to 3:00m. Possible values are between0
and23
.
- day string
A day in a week. Possible values are
Sunday
,Monday
,Tuesday
,Wednesday
,Thursday
,Friday
andSaturday
.- hours number[]
An array of hour slots in a day. For example, specifying
1
will allow maintenance from 1:00am to 2:00am. Specifying1
,2
will allow maintenance from 1:00am to 3:00m. Possible values are between0
and23
.
- day str
A day in a week. Possible values are
Sunday
,Monday
,Tuesday
,Wednesday
,Thursday
,Friday
andSaturday
.- hours Sequence[int]
An array of hour slots in a day. For example, specifying
1
will allow maintenance from 1:00am to 2:00am. Specifying1
,2
will allow maintenance from 1:00am to 3:00m. Possible values are between0
and23
.
- day String
A day in a week. Possible values are
Sunday
,Monday
,Tuesday
,Wednesday
,Thursday
,Friday
andSaturday
.- hours List<Number>
An array of hour slots in a day. For example, specifying
1
will allow maintenance from 1:00am to 2:00am. Specifying1
,2
will allow maintenance from 1:00am to 3:00m. Possible values are between0
and23
.
KubernetesClusterMaintenanceWindowNotAllowed
KubernetesClusterMicrosoftDefender
- Log
Analytics stringWorkspace Id Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to.
- Log
Analytics stringWorkspace Id Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to.
- log
Analytics StringWorkspace Id Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to.
- log
Analytics stringWorkspace Id Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to.
- log_
analytics_ strworkspace_ id Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to.
- log
Analytics StringWorkspace Id Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to.
KubernetesClusterMonitorMetrics
- Annotations
Allowed string Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.
- Labels
Allowed string Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.
- Annotations
Allowed string Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.
- Labels
Allowed string Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.
- annotations
Allowed String Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.
- labels
Allowed String Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.
- annotations
Allowed string Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.
- labels
Allowed string Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.
- annotations_
allowed str Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.
- labels_
allowed str Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.
- annotations
Allowed String Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.
- labels
Allowed String Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.
KubernetesClusterNetworkProfile
- Network
Plugin string Network plugin to use for networking. Currently supported values are
azure
,kubenet
andnone
. Changing this forces a new resource to be created.- Dns
Service stringIp IP address within the Kubernetes service address range that will be used by cluster service discovery (kube-dns). Changing this forces a new resource to be created.
- Docker
Bridge stringCidr IP address (in CIDR notation) used as the Docker bridge IP address on nodes. Changing this forces a new resource to be created.
docker_bridge_cidr
has been deprecated as the API no longer supports it and will be removed in version 4.0 of the provider.- Ebpf
Data stringPlane Specifies the eBPF data plane used for building the Kubernetes network. Possible value is
cilium
. Changing this forces a new resource to be created.- Ip
Versions List<string> Specifies a list of IP versions the Kubernetes Cluster will use to assign IP addresses to its nodes and pods. Possible values are
IPv4
and/orIPv6
.IPv4
must always be specified. Changing this forces a new resource to be created.- Load
Balancer KubernetesProfile Cluster Network Profile Load Balancer Profile A
load_balancer_profile
block as defined below. This can only be specified whenload_balancer_sku
is set tostandard
. Changing this forces a new resource to be created.- Load
Balancer stringSku Specifies the SKU of the Load Balancer used for this Kubernetes Cluster. Possible values are
basic
andstandard
. Defaults tostandard
. Changing this forces a new resource to be created.- Nat
Gateway KubernetesProfile Cluster Network Profile Nat Gateway Profile A
nat_gateway_profile
block as defined below. This can only be specified whenload_balancer_sku
is set tostandard
andoutbound_type
is set tomanagedNATGateway
oruserAssignedNATGateway
. Changing this forces a new resource to be created.- Network
Mode string Network mode to be used with Azure CNI. Possible values are
bridge
andtransparent
. Changing this forces a new resource to be created.- Network
Plugin stringMode Specifies the network plugin mode used for building the Kubernetes network. Possible value is
Overlay
. Changing this forces a new resource to be created.- Network
Policy string Sets up network policy to be used with Azure CNI. Network policy allows us to control the traffic flow between pods. Currently supported values are
calico
andazure
. Changing this forces a new resource to be created.- Outbound
Type string The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are
loadBalancer
,userDefinedRouting
,managedNATGateway
anduserAssignedNATGateway
. Defaults toloadBalancer
. Changing this forces a new resource to be created.- Pod
Cidr string The CIDR to use for pod IP addresses. This field can only be set when
network_plugin
is set tokubenet
. Changing this forces a new resource to be created.- Pod
Cidrs List<string> A list of CIDRs to use for pod IP addresses. For single-stack networking a single IPv4 CIDR is expected. For dual-stack networking an IPv4 and IPv6 CIDR are expected. Changing this forces a new resource to be created.
- Service
Cidr string The Network Range used by the Kubernetes service. Changing this forces a new resource to be created.
- Service
Cidrs List<string> A list of CIDRs to use for Kubernetes services. For single-stack networking a single IPv4 CIDR is expected. For dual-stack networking an IPv4 and IPv6 CIDR are expected. Changing this forces a new resource to be created.
- Network
Plugin string Network plugin to use for networking. Currently supported values are
azure
,kubenet
andnone
. Changing this forces a new resource to be created.- Dns
Service stringIp IP address within the Kubernetes service address range that will be used by cluster service discovery (kube-dns). Changing this forces a new resource to be created.
- Docker
Bridge stringCidr IP address (in CIDR notation) used as the Docker bridge IP address on nodes. Changing this forces a new resource to be created.
docker_bridge_cidr
has been deprecated as the API no longer supports it and will be removed in version 4.0 of the provider.- Ebpf
Data stringPlane Specifies the eBPF data plane used for building the Kubernetes network. Possible value is
cilium
. Changing this forces a new resource to be created.- Ip
Versions []string Specifies a list of IP versions the Kubernetes Cluster will use to assign IP addresses to its nodes and pods. Possible values are
IPv4
and/orIPv6
.IPv4
must always be specified. Changing this forces a new resource to be created.- Load
Balancer KubernetesProfile Cluster Network Profile Load Balancer Profile A
load_balancer_profile
block as defined below. This can only be specified whenload_balancer_sku
is set tostandard
. Changing this forces a new resource to be created.- Load
Balancer stringSku Specifies the SKU of the Load Balancer used for this Kubernetes Cluster. Possible values are
basic
andstandard
. Defaults tostandard
. Changing this forces a new resource to be created.- Nat
Gateway KubernetesProfile Cluster Network Profile Nat Gateway Profile A
nat_gateway_profile
block as defined below. This can only be specified whenload_balancer_sku
is set tostandard
andoutbound_type
is set tomanagedNATGateway
oruserAssignedNATGateway
. Changing this forces a new resource to be created.- Network
Mode string Network mode to be used with Azure CNI. Possible values are
bridge
andtransparent
. Changing this forces a new resource to be created.- Network
Plugin stringMode Specifies the network plugin mode used for building the Kubernetes network. Possible value is
Overlay
. Changing this forces a new resource to be created.- Network
Policy string Sets up network policy to be used with Azure CNI. Network policy allows us to control the traffic flow between pods. Currently supported values are
calico
andazure
. Changing this forces a new resource to be created.- Outbound
Type string The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are
loadBalancer
,userDefinedRouting
,managedNATGateway
anduserAssignedNATGateway
. Defaults toloadBalancer
. Changing this forces a new resource to be created.- Pod
Cidr string The CIDR to use for pod IP addresses. This field can only be set when
network_plugin
is set tokubenet
. Changing this forces a new resource to be created.- Pod
Cidrs []string A list of CIDRs to use for pod IP addresses. For single-stack networking a single IPv4 CIDR is expected. For dual-stack networking an IPv4 and IPv6 CIDR are expected. Changing this forces a new resource to be created.
- Service
Cidr string The Network Range used by the Kubernetes service. Changing this forces a new resource to be created.
- Service
Cidrs []string A list of CIDRs to use for Kubernetes services. For single-stack networking a single IPv4 CIDR is expected. For dual-stack networking an IPv4 and IPv6 CIDR are expected. Changing this forces a new resource to be created.
- network
Plugin String Network plugin to use for networking. Currently supported values are
azure
,kubenet
andnone
. Changing this forces a new resource to be created.- dns
Service StringIp IP address within the Kubernetes service address range that will be used by cluster service discovery (kube-dns). Changing this forces a new resource to be created.
- docker
Bridge StringCidr IP address (in CIDR notation) used as the Docker bridge IP address on nodes. Changing this forces a new resource to be created.
docker_bridge_cidr
has been deprecated as the API no longer supports it and will be removed in version 4.0 of the provider.- ebpf
Data StringPlane Specifies the eBPF data plane used for building the Kubernetes network. Possible value is
cilium
. Changing this forces a new resource to be created.- ip
Versions List<String> Specifies a list of IP versions the Kubernetes Cluster will use to assign IP addresses to its nodes and pods. Possible values are
IPv4
and/orIPv6
.IPv4
must always be specified. Changing this forces a new resource to be created.- load
Balancer KubernetesProfile Cluster Network Profile Load Balancer Profile A
load_balancer_profile
block as defined below. This can only be specified whenload_balancer_sku
is set tostandard
. Changing this forces a new resource to be created.- load
Balancer StringSku Specifies the SKU of the Load Balancer used for this Kubernetes Cluster. Possible values are
basic
andstandard
. Defaults tostandard
. Changing this forces a new resource to be created.- nat
Gateway KubernetesProfile Cluster Network Profile Nat Gateway Profile A
nat_gateway_profile
block as defined below. This can only be specified whenload_balancer_sku
is set tostandard
andoutbound_type
is set tomanagedNATGateway
oruserAssignedNATGateway
. Changing this forces a new resource to be created.- network
Mode String Network mode to be used with Azure CNI. Possible values are
bridge
andtransparent
. Changing this forces a new resource to be created.- network
Plugin StringMode Specifies the network plugin mode used for building the Kubernetes network. Possible value is
Overlay
. Changing this forces a new resource to be created.- network
Policy String Sets up network policy to be used with Azure CN