1. Packages
  2. Azure Classic
  3. API Docs
  4. containerservice
  5. KubernetesCluster

We recommend using Azure Native.

Azure Classic v5.43.0 published on Saturday, May 6, 2023 by Pulumi

azure.containerservice.KubernetesCluster

Explore with Pulumi AI

azure logo

We recommend using Azure Native.

Azure Classic v5.43.0 published on Saturday, May 6, 2023 by Pulumi

    Manages a Managed Kubernetes Cluster (also known as AKS / Azure Kubernetes Service)

    Example Usage

    This example provisions a basic Managed Kubernetes Cluster.

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Azure = Pulumi.Azure;
    
    return await Deployment.RunAsync(() => 
    {
        var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
        {
            Location = "West Europe",
        });
    
        var exampleKubernetesCluster = new Azure.ContainerService.KubernetesCluster("exampleKubernetesCluster", new()
        {
            Location = exampleResourceGroup.Location,
            ResourceGroupName = exampleResourceGroup.Name,
            DnsPrefix = "exampleaks1",
            DefaultNodePool = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolArgs
            {
                Name = "default",
                NodeCount = 1,
                VmSize = "Standard_D2_v2",
            },
            Identity = new Azure.ContainerService.Inputs.KubernetesClusterIdentityArgs
            {
                Type = "SystemAssigned",
            },
            Tags = 
            {
                { "Environment", "Production" },
            },
        });
    
        return new Dictionary<string, object?>
        {
            ["clientCertificate"] = exampleKubernetesCluster.KubeConfigs.Apply(kubeConfigs => kubeConfigs[0].ClientCertificate),
            ["kubeConfig"] = exampleKubernetesCluster.KubeConfigRaw,
        };
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice"
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
    			Location: pulumi.String("West Europe"),
    		})
    		if err != nil {
    			return err
    		}
    		exampleKubernetesCluster, err := containerservice.NewKubernetesCluster(ctx, "exampleKubernetesCluster", &containerservice.KubernetesClusterArgs{
    			Location:          exampleResourceGroup.Location,
    			ResourceGroupName: exampleResourceGroup.Name,
    			DnsPrefix:         pulumi.String("exampleaks1"),
    			DefaultNodePool: &containerservice.KubernetesClusterDefaultNodePoolArgs{
    				Name:      pulumi.String("default"),
    				NodeCount: pulumi.Int(1),
    				VmSize:    pulumi.String("Standard_D2_v2"),
    			},
    			Identity: &containerservice.KubernetesClusterIdentityArgs{
    				Type: pulumi.String("SystemAssigned"),
    			},
    			Tags: pulumi.StringMap{
    				"Environment": pulumi.String("Production"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		ctx.Export("clientCertificate", exampleKubernetesCluster.KubeConfigs.ApplyT(func(kubeConfigs []containerservice.KubernetesClusterKubeConfig) (*string, error) {
    			return &kubeConfigs[0].ClientCertificate, nil
    		}).(pulumi.StringPtrOutput))
    		ctx.Export("kubeConfig", exampleKubernetesCluster.KubeConfigRaw)
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azure.core.ResourceGroup;
    import com.pulumi.azure.core.ResourceGroupArgs;
    import com.pulumi.azure.containerservice.KubernetesCluster;
    import com.pulumi.azure.containerservice.KubernetesClusterArgs;
    import com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolArgs;
    import com.pulumi.azure.containerservice.inputs.KubernetesClusterIdentityArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()        
                .location("West Europe")
                .build());
    
            var exampleKubernetesCluster = new KubernetesCluster("exampleKubernetesCluster", KubernetesClusterArgs.builder()        
                .location(exampleResourceGroup.location())
                .resourceGroupName(exampleResourceGroup.name())
                .dnsPrefix("exampleaks1")
                .defaultNodePool(KubernetesClusterDefaultNodePoolArgs.builder()
                    .name("default")
                    .nodeCount(1)
                    .vmSize("Standard_D2_v2")
                    .build())
                .identity(KubernetesClusterIdentityArgs.builder()
                    .type("SystemAssigned")
                    .build())
                .tags(Map.of("Environment", "Production"))
                .build());
    
            ctx.export("clientCertificate", exampleKubernetesCluster.kubeConfigs().applyValue(kubeConfigs -> kubeConfigs[0].clientCertificate()));
            ctx.export("kubeConfig", exampleKubernetesCluster.kubeConfigRaw());
        }
    }
    
    import pulumi
    import pulumi_azure as azure
    
    example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
    example_kubernetes_cluster = azure.containerservice.KubernetesCluster("exampleKubernetesCluster",
        location=example_resource_group.location,
        resource_group_name=example_resource_group.name,
        dns_prefix="exampleaks1",
        default_node_pool=azure.containerservice.KubernetesClusterDefaultNodePoolArgs(
            name="default",
            node_count=1,
            vm_size="Standard_D2_v2",
        ),
        identity=azure.containerservice.KubernetesClusterIdentityArgs(
            type="SystemAssigned",
        ),
        tags={
            "Environment": "Production",
        })
    pulumi.export("clientCertificate", example_kubernetes_cluster.kube_configs[0].client_certificate)
    pulumi.export("kubeConfig", example_kubernetes_cluster.kube_config_raw)
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure from "@pulumi/azure";
    
    const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
    const exampleKubernetesCluster = new azure.containerservice.KubernetesCluster("exampleKubernetesCluster", {
        location: exampleResourceGroup.location,
        resourceGroupName: exampleResourceGroup.name,
        dnsPrefix: "exampleaks1",
        defaultNodePool: {
            name: "default",
            nodeCount: 1,
            vmSize: "Standard_D2_v2",
        },
        identity: {
            type: "SystemAssigned",
        },
        tags: {
            Environment: "Production",
        },
    });
    export const clientCertificate = exampleKubernetesCluster.kubeConfigs.apply(kubeConfigs => kubeConfigs[0].clientCertificate);
    export const kubeConfig = exampleKubernetesCluster.kubeConfigRaw;
    
    resources:
      exampleResourceGroup:
        type: azure:core:ResourceGroup
        properties:
          location: West Europe
      exampleKubernetesCluster:
        type: azure:containerservice:KubernetesCluster
        properties:
          location: ${exampleResourceGroup.location}
          resourceGroupName: ${exampleResourceGroup.name}
          dnsPrefix: exampleaks1
          defaultNodePool:
            name: default
            nodeCount: 1
            vmSize: Standard_D2_v2
          identity:
            type: SystemAssigned
          tags:
            Environment: Production
    outputs:
      clientCertificate: ${exampleKubernetesCluster.kubeConfigs[0].clientCertificate}
      kubeConfig: ${exampleKubernetesCluster.kubeConfigRaw}
    

    Create KubernetesCluster Resource

    new KubernetesCluster(name: string, args: KubernetesClusterArgs, opts?: CustomResourceOptions);
    @overload
    def KubernetesCluster(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          aci_connector_linux: Optional[KubernetesClusterAciConnectorLinuxArgs] = None,
                          api_server_access_profile: Optional[KubernetesClusterApiServerAccessProfileArgs] = None,
                          api_server_authorized_ip_ranges: Optional[Sequence[str]] = None,
                          auto_scaler_profile: Optional[KubernetesClusterAutoScalerProfileArgs] = None,
                          automatic_channel_upgrade: Optional[str] = None,
                          azure_active_directory_role_based_access_control: Optional[KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs] = None,
                          azure_policy_enabled: Optional[bool] = None,
                          confidential_computing: Optional[KubernetesClusterConfidentialComputingArgs] = None,
                          default_node_pool: Optional[KubernetesClusterDefaultNodePoolArgs] = None,
                          disk_encryption_set_id: Optional[str] = None,
                          dns_prefix: Optional[str] = None,
                          dns_prefix_private_cluster: Optional[str] = None,
                          edge_zone: Optional[str] = None,
                          enable_pod_security_policy: Optional[bool] = None,
                          http_application_routing_enabled: Optional[bool] = None,
                          http_proxy_config: Optional[KubernetesClusterHttpProxyConfigArgs] = None,
                          identity: Optional[KubernetesClusterIdentityArgs] = None,
                          image_cleaner_enabled: Optional[bool] = None,
                          image_cleaner_interval_hours: Optional[int] = None,
                          ingress_application_gateway: Optional[KubernetesClusterIngressApplicationGatewayArgs] = None,
                          key_management_service: Optional[KubernetesClusterKeyManagementServiceArgs] = None,
                          key_vault_secrets_provider: Optional[KubernetesClusterKeyVaultSecretsProviderArgs] = None,
                          kubelet_identity: Optional[KubernetesClusterKubeletIdentityArgs] = None,
                          kubernetes_version: Optional[str] = None,
                          linux_profile: Optional[KubernetesClusterLinuxProfileArgs] = None,
                          local_account_disabled: Optional[bool] = None,
                          location: Optional[str] = None,
                          maintenance_window: Optional[KubernetesClusterMaintenanceWindowArgs] = None,
                          microsoft_defender: Optional[KubernetesClusterMicrosoftDefenderArgs] = None,
                          monitor_metrics: Optional[KubernetesClusterMonitorMetricsArgs] = None,
                          name: Optional[str] = None,
                          network_profile: Optional[KubernetesClusterNetworkProfileArgs] = None,
                          node_resource_group: Optional[str] = None,
                          oidc_issuer_enabled: Optional[bool] = None,
                          oms_agent: Optional[KubernetesClusterOmsAgentArgs] = None,
                          open_service_mesh_enabled: Optional[bool] = None,
                          private_cluster_enabled: Optional[bool] = None,
                          private_cluster_public_fqdn_enabled: Optional[bool] = None,
                          private_dns_zone_id: Optional[str] = None,
                          public_network_access_enabled: Optional[bool] = None,
                          resource_group_name: Optional[str] = None,
                          role_based_access_control_enabled: Optional[bool] = None,
                          run_command_enabled: Optional[bool] = None,
                          service_mesh_profile: Optional[KubernetesClusterServiceMeshProfileArgs] = None,
                          service_principal: Optional[KubernetesClusterServicePrincipalArgs] = None,
                          sku_tier: Optional[str] = None,
                          storage_profile: Optional[KubernetesClusterStorageProfileArgs] = None,
                          tags: Optional[Mapping[str, str]] = None,
                          web_app_routing: Optional[KubernetesClusterWebAppRoutingArgs] = None,
                          windows_profile: Optional[KubernetesClusterWindowsProfileArgs] = None,
                          workload_autoscaler_profile: Optional[KubernetesClusterWorkloadAutoscalerProfileArgs] = None,
                          workload_identity_enabled: Optional[bool] = None)
    @overload
    def KubernetesCluster(resource_name: str,
                          args: KubernetesClusterArgs,
                          opts: Optional[ResourceOptions] = None)
    func NewKubernetesCluster(ctx *Context, name string, args KubernetesClusterArgs, opts ...ResourceOption) (*KubernetesCluster, error)
    public KubernetesCluster(string name, KubernetesClusterArgs args, CustomResourceOptions? opts = null)
    public KubernetesCluster(String name, KubernetesClusterArgs args)
    public KubernetesCluster(String name, KubernetesClusterArgs args, CustomResourceOptions options)
    
    type: azure:containerservice:KubernetesCluster
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args KubernetesClusterArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args KubernetesClusterArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args KubernetesClusterArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args KubernetesClusterArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args KubernetesClusterArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    KubernetesCluster Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The KubernetesCluster resource accepts the following input properties:

    DefaultNodePool KubernetesClusterDefaultNodePoolArgs

    A default_node_pool block as defined below.

    ResourceGroupName string

    Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    AciConnectorLinux KubernetesClusterAciConnectorLinuxArgs

    A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

    ApiServerAccessProfile KubernetesClusterApiServerAccessProfileArgs

    An api_server_access_profile block as defined below.

    ApiServerAuthorizedIpRanges List<string>

    Deprecated:

    This property has been renamed to authorized_ip_ranges within the api_server_access_profile block and will be removed in v4.0 of the provider

    AutoScalerProfile KubernetesClusterAutoScalerProfileArgs

    A auto_scaler_profile block as defined below.

    AutomaticChannelUpgrade string

    The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none.

    AzureActiveDirectoryRoleBasedAccessControl KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs

    A azure_active_directory_role_based_access_control block as defined below.

    AzurePolicyEnabled bool

    Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service

    ConfidentialComputing KubernetesClusterConfidentialComputingArgs

    A confidential_computing block as defined below. For more details please the documentation

    DiskEncryptionSetId string

    The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.

    DnsPrefix string

    DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.

    DnsPrefixPrivateCluster string

    Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.

    EdgeZone string

    Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    EnablePodSecurityPolicy bool

    Deprecated:

    The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.

    HttpApplicationRoutingEnabled bool

    Should HTTP Application Routing be enabled?

    HttpProxyConfig KubernetesClusterHttpProxyConfigArgs

    A http_proxy_config block as defined below.

    Identity KubernetesClusterIdentityArgs

    An identity block as defined below. One of either identity or service_principal must be specified.

    ImageCleanerEnabled bool

    Specifies whether Image Cleaner is enabled.

    ImageCleanerIntervalHours int

    Specifies the interval in hours when images should be cleaned up. Defaults to 48.

    IngressApplicationGateway KubernetesClusterIngressApplicationGatewayArgs

    A ingress_application_gateway block as defined below.

    KeyManagementService KubernetesClusterKeyManagementServiceArgs

    A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

    KeyVaultSecretsProvider KubernetesClusterKeyVaultSecretsProviderArgs

    A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.

    KubeletIdentity KubernetesClusterKubeletIdentityArgs

    A kubelet_identity block as defined below.

    KubernetesVersion string

    Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    LinuxProfile KubernetesClusterLinuxProfileArgs

    A linux_profile block as defined below.

    LocalAccountDisabled bool

    If true local accounts will be disabled. See the documentation for more information.

    Location string

    The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.

    MaintenanceWindow KubernetesClusterMaintenanceWindowArgs

    A maintenance_window block as defined below.

    MicrosoftDefender KubernetesClusterMicrosoftDefenderArgs

    A microsoft_defender block as defined below.

    MonitorMetrics KubernetesClusterMonitorMetricsArgs

    Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below.

    Name string

    The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.

    NetworkProfile KubernetesClusterNetworkProfileArgs

    A network_profile block as defined below. Changing this forces a new resource to be created.

    NodeResourceGroup string

    The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.

    OidcIssuerEnabled bool

    Enable or Disable the OIDC issuer URL

    OmsAgent KubernetesClusterOmsAgentArgs

    A oms_agent block as defined below.

    OpenServiceMeshEnabled bool

    Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.

    PrivateClusterEnabled bool

    Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created.

    PrivateClusterPublicFqdnEnabled bool

    Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false.

    PrivateDnsZoneId string

    Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.

    PublicNetworkAccessEnabled bool

    Whether public network access is allowed for this Kubernetes Cluster. Defaults to true. Changing this forces a new resource to be created.

    RoleBasedAccessControlEnabled bool

    Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created.

    RunCommandEnabled bool

    Whether to enable run command for the cluster or not. Defaults to true.

    ServiceMeshProfile KubernetesClusterServiceMeshProfileArgs

    A service_mesh_profile block as defined below.

    ServicePrincipal KubernetesClusterServicePrincipalArgs

    A service_principal block as documented below. One of either identity or service_principal must be specified.

    SkuTier string

    The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free, and Standard (which includes the Uptime SLA). Defaults to Free.

    StorageProfile KubernetesClusterStorageProfileArgs

    A storage_profile block as defined below.

    Tags Dictionary<string, string>

    A mapping of tags to assign to the resource.

    WebAppRouting KubernetesClusterWebAppRoutingArgs

    A web_app_routing block as defined below.

    WindowsProfile KubernetesClusterWindowsProfileArgs

    A windows_profile block as defined below.

    WorkloadAutoscalerProfile KubernetesClusterWorkloadAutoscalerProfileArgs

    A workload_autoscaler_profile block defined below.

    WorkloadIdentityEnabled bool

    Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to false.

    DefaultNodePool KubernetesClusterDefaultNodePoolArgs

    A default_node_pool block as defined below.

    ResourceGroupName string

    Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    AciConnectorLinux KubernetesClusterAciConnectorLinuxArgs

    A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

    ApiServerAccessProfile KubernetesClusterApiServerAccessProfileArgs

    An api_server_access_profile block as defined below.

    ApiServerAuthorizedIpRanges []string

    Deprecated:

    This property has been renamed to authorized_ip_ranges within the api_server_access_profile block and will be removed in v4.0 of the provider

    AutoScalerProfile KubernetesClusterAutoScalerProfileArgs

    A auto_scaler_profile block as defined below.

    AutomaticChannelUpgrade string

    The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none.

    AzureActiveDirectoryRoleBasedAccessControl KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs

    A azure_active_directory_role_based_access_control block as defined below.

    AzurePolicyEnabled bool

    Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service

    ConfidentialComputing KubernetesClusterConfidentialComputingArgs

    A confidential_computing block as defined below. For more details please the documentation

    DiskEncryptionSetId string

    The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.

    DnsPrefix string

    DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.

    DnsPrefixPrivateCluster string

    Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.

    EdgeZone string

    Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    EnablePodSecurityPolicy bool

    Deprecated:

    The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.

    HttpApplicationRoutingEnabled bool

    Should HTTP Application Routing be enabled?

    HttpProxyConfig KubernetesClusterHttpProxyConfigArgs

    A http_proxy_config block as defined below.

    Identity KubernetesClusterIdentityArgs

    An identity block as defined below. One of either identity or service_principal must be specified.

    ImageCleanerEnabled bool

    Specifies whether Image Cleaner is enabled.

    ImageCleanerIntervalHours int

    Specifies the interval in hours when images should be cleaned up. Defaults to 48.

    IngressApplicationGateway KubernetesClusterIngressApplicationGatewayArgs

    A ingress_application_gateway block as defined below.

    KeyManagementService KubernetesClusterKeyManagementServiceArgs

    A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

    KeyVaultSecretsProvider KubernetesClusterKeyVaultSecretsProviderArgs

    A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.

    KubeletIdentity KubernetesClusterKubeletIdentityArgs

    A kubelet_identity block as defined below.

    KubernetesVersion string

    Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    LinuxProfile KubernetesClusterLinuxProfileArgs

    A linux_profile block as defined below.

    LocalAccountDisabled bool

    If true local accounts will be disabled. See the documentation for more information.

    Location string

    The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.

    MaintenanceWindow KubernetesClusterMaintenanceWindowArgs

    A maintenance_window block as defined below.

    MicrosoftDefender KubernetesClusterMicrosoftDefenderArgs

    A microsoft_defender block as defined below.

    MonitorMetrics KubernetesClusterMonitorMetricsArgs

    Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below.

    Name string

    The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.

    NetworkProfile KubernetesClusterNetworkProfileArgs

    A network_profile block as defined below. Changing this forces a new resource to be created.

    NodeResourceGroup string

    The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.

    OidcIssuerEnabled bool

    Enable or Disable the OIDC issuer URL

    OmsAgent KubernetesClusterOmsAgentArgs

    A oms_agent block as defined below.

    OpenServiceMeshEnabled bool

    Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.

    PrivateClusterEnabled bool

    Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created.

    PrivateClusterPublicFqdnEnabled bool

    Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false.

    PrivateDnsZoneId string

    Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.

    PublicNetworkAccessEnabled bool

    Whether public network access is allowed for this Kubernetes Cluster. Defaults to true. Changing this forces a new resource to be created.

    RoleBasedAccessControlEnabled bool

    Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created.

    RunCommandEnabled bool

    Whether to enable run command for the cluster or not. Defaults to true.

    ServiceMeshProfile KubernetesClusterServiceMeshProfileArgs

    A service_mesh_profile block as defined below.

    ServicePrincipal KubernetesClusterServicePrincipalArgs

    A service_principal block as documented below. One of either identity or service_principal must be specified.

    SkuTier string

    The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free, and Standard (which includes the Uptime SLA). Defaults to Free.

    StorageProfile KubernetesClusterStorageProfileArgs

    A storage_profile block as defined below.

    Tags map[string]string

    A mapping of tags to assign to the resource.

    WebAppRouting KubernetesClusterWebAppRoutingArgs

    A web_app_routing block as defined below.

    WindowsProfile KubernetesClusterWindowsProfileArgs

    A windows_profile block as defined below.

    WorkloadAutoscalerProfile KubernetesClusterWorkloadAutoscalerProfileArgs

    A workload_autoscaler_profile block defined below.

    WorkloadIdentityEnabled bool

    Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to false.

    defaultNodePool KubernetesClusterDefaultNodePoolArgs

    A default_node_pool block as defined below.

    resourceGroupName String

    Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    aciConnectorLinux KubernetesClusterAciConnectorLinuxArgs

    A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

    apiServerAccessProfile KubernetesClusterApiServerAccessProfileArgs

    An api_server_access_profile block as defined below.

    apiServerAuthorizedIpRanges List<String>

    Deprecated:

    This property has been renamed to authorized_ip_ranges within the api_server_access_profile block and will be removed in v4.0 of the provider

    autoScalerProfile KubernetesClusterAutoScalerProfileArgs

    A auto_scaler_profile block as defined below.

    automaticChannelUpgrade String

    The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none.

    azureActiveDirectoryRoleBasedAccessControl KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs

    A azure_active_directory_role_based_access_control block as defined below.

    azurePolicyEnabled Boolean

    Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service

    confidentialComputing KubernetesClusterConfidentialComputingArgs

    A confidential_computing block as defined below. For more details please the documentation

    diskEncryptionSetId String

    The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.

    dnsPrefix String

    DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.

    dnsPrefixPrivateCluster String

    Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.

    edgeZone String

    Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    enablePodSecurityPolicy Boolean

    Deprecated:

    The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.

    httpApplicationRoutingEnabled Boolean

    Should HTTP Application Routing be enabled?

    httpProxyConfig KubernetesClusterHttpProxyConfigArgs

    A http_proxy_config block as defined below.

    identity KubernetesClusterIdentityArgs

    An identity block as defined below. One of either identity or service_principal must be specified.

    imageCleanerEnabled Boolean

    Specifies whether Image Cleaner is enabled.

    imageCleanerIntervalHours Integer

    Specifies the interval in hours when images should be cleaned up. Defaults to 48.

    ingressApplicationGateway KubernetesClusterIngressApplicationGatewayArgs

    A ingress_application_gateway block as defined below.

    keyManagementService KubernetesClusterKeyManagementServiceArgs

    A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

    keyVaultSecretsProvider KubernetesClusterKeyVaultSecretsProviderArgs

    A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.

    kubeletIdentity KubernetesClusterKubeletIdentityArgs

    A kubelet_identity block as defined below.

    kubernetesVersion String

    Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    linuxProfile KubernetesClusterLinuxProfileArgs

    A linux_profile block as defined below.

    localAccountDisabled Boolean

    If true local accounts will be disabled. See the documentation for more information.

    location String

    The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.

    maintenanceWindow KubernetesClusterMaintenanceWindowArgs

    A maintenance_window block as defined below.

    microsoftDefender KubernetesClusterMicrosoftDefenderArgs

    A microsoft_defender block as defined below.

    monitorMetrics KubernetesClusterMonitorMetricsArgs

    Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below.

    name String

    The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.

    networkProfile KubernetesClusterNetworkProfileArgs

    A network_profile block as defined below. Changing this forces a new resource to be created.

    nodeResourceGroup String

    The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.

    oidcIssuerEnabled Boolean

    Enable or Disable the OIDC issuer URL

    omsAgent KubernetesClusterOmsAgentArgs

    A oms_agent block as defined below.

    openServiceMeshEnabled Boolean

    Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.

    privateClusterEnabled Boolean

    Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created.

    privateClusterPublicFqdnEnabled Boolean

    Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false.

    privateDnsZoneId String

    Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.

    publicNetworkAccessEnabled Boolean

    Whether public network access is allowed for this Kubernetes Cluster. Defaults to true. Changing this forces a new resource to be created.

    roleBasedAccessControlEnabled Boolean

    Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created.

    runCommandEnabled Boolean

    Whether to enable run command for the cluster or not. Defaults to true.

    serviceMeshProfile KubernetesClusterServiceMeshProfileArgs

    A service_mesh_profile block as defined below.

    servicePrincipal KubernetesClusterServicePrincipalArgs

    A service_principal block as documented below. One of either identity or service_principal must be specified.

    skuTier String

    The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free, and Standard (which includes the Uptime SLA). Defaults to Free.

    storageProfile KubernetesClusterStorageProfileArgs

    A storage_profile block as defined below.

    tags Map<String,String>

    A mapping of tags to assign to the resource.

    webAppRouting KubernetesClusterWebAppRoutingArgs

    A web_app_routing block as defined below.

    windowsProfile KubernetesClusterWindowsProfileArgs

    A windows_profile block as defined below.

    workloadAutoscalerProfile KubernetesClusterWorkloadAutoscalerProfileArgs

    A workload_autoscaler_profile block defined below.

    workloadIdentityEnabled Boolean

    Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to false.

    defaultNodePool KubernetesClusterDefaultNodePoolArgs

    A default_node_pool block as defined below.

    resourceGroupName string

    Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    aciConnectorLinux KubernetesClusterAciConnectorLinuxArgs

    A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

    apiServerAccessProfile KubernetesClusterApiServerAccessProfileArgs

    An api_server_access_profile block as defined below.

    apiServerAuthorizedIpRanges string[]

    Deprecated:

    This property has been renamed to authorized_ip_ranges within the api_server_access_profile block and will be removed in v4.0 of the provider

    autoScalerProfile KubernetesClusterAutoScalerProfileArgs

    A auto_scaler_profile block as defined below.

    automaticChannelUpgrade string

    The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none.

    azureActiveDirectoryRoleBasedAccessControl KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs

    A azure_active_directory_role_based_access_control block as defined below.

    azurePolicyEnabled boolean

    Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service

    confidentialComputing KubernetesClusterConfidentialComputingArgs

    A confidential_computing block as defined below. For more details please the documentation

    diskEncryptionSetId string

    The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.

    dnsPrefix string

    DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.

    dnsPrefixPrivateCluster string

    Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.

    edgeZone string

    Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    enablePodSecurityPolicy boolean

    Deprecated:

    The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.

    httpApplicationRoutingEnabled boolean

    Should HTTP Application Routing be enabled?

    httpProxyConfig KubernetesClusterHttpProxyConfigArgs

    A http_proxy_config block as defined below.

    identity KubernetesClusterIdentityArgs

    An identity block as defined below. One of either identity or service_principal must be specified.

    imageCleanerEnabled boolean

    Specifies whether Image Cleaner is enabled.

    imageCleanerIntervalHours number

    Specifies the interval in hours when images should be cleaned up. Defaults to 48.

    ingressApplicationGateway KubernetesClusterIngressApplicationGatewayArgs

    A ingress_application_gateway block as defined below.

    keyManagementService KubernetesClusterKeyManagementServiceArgs

    A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

    keyVaultSecretsProvider KubernetesClusterKeyVaultSecretsProviderArgs

    A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.

    kubeletIdentity KubernetesClusterKubeletIdentityArgs

    A kubelet_identity block as defined below.

    kubernetesVersion string

    Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    linuxProfile KubernetesClusterLinuxProfileArgs

    A linux_profile block as defined below.

    localAccountDisabled boolean

    If true local accounts will be disabled. See the documentation for more information.

    location string

    The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.

    maintenanceWindow KubernetesClusterMaintenanceWindowArgs

    A maintenance_window block as defined below.

    microsoftDefender KubernetesClusterMicrosoftDefenderArgs

    A microsoft_defender block as defined below.

    monitorMetrics KubernetesClusterMonitorMetricsArgs

    Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below.

    name string

    The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.

    networkProfile KubernetesClusterNetworkProfileArgs

    A network_profile block as defined below. Changing this forces a new resource to be created.

    nodeResourceGroup string

    The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.

    oidcIssuerEnabled boolean

    Enable or Disable the OIDC issuer URL

    omsAgent KubernetesClusterOmsAgentArgs

    A oms_agent block as defined below.

    openServiceMeshEnabled boolean

    Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.

    privateClusterEnabled boolean

    Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created.

    privateClusterPublicFqdnEnabled boolean

    Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false.

    privateDnsZoneId string

    Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.

    publicNetworkAccessEnabled boolean

    Whether public network access is allowed for this Kubernetes Cluster. Defaults to true. Changing this forces a new resource to be created.

    roleBasedAccessControlEnabled boolean

    Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created.

    runCommandEnabled boolean

    Whether to enable run command for the cluster or not. Defaults to true.

    serviceMeshProfile KubernetesClusterServiceMeshProfileArgs

    A service_mesh_profile block as defined below.

    servicePrincipal KubernetesClusterServicePrincipalArgs

    A service_principal block as documented below. One of either identity or service_principal must be specified.

    skuTier string

    The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free, and Standard (which includes the Uptime SLA). Defaults to Free.

    storageProfile KubernetesClusterStorageProfileArgs

    A storage_profile block as defined below.

    tags {[key: string]: string}

    A mapping of tags to assign to the resource.

    webAppRouting KubernetesClusterWebAppRoutingArgs

    A web_app_routing block as defined below.

    windowsProfile KubernetesClusterWindowsProfileArgs

    A windows_profile block as defined below.

    workloadAutoscalerProfile KubernetesClusterWorkloadAutoscalerProfileArgs

    A workload_autoscaler_profile block defined below.

    workloadIdentityEnabled boolean

    Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to false.

    default_node_pool KubernetesClusterDefaultNodePoolArgs

    A default_node_pool block as defined below.

    resource_group_name str

    Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    aci_connector_linux KubernetesClusterAciConnectorLinuxArgs

    A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

    api_server_access_profile KubernetesClusterApiServerAccessProfileArgs

    An api_server_access_profile block as defined below.

    api_server_authorized_ip_ranges Sequence[str]

    Deprecated:

    This property has been renamed to authorized_ip_ranges within the api_server_access_profile block and will be removed in v4.0 of the provider

    auto_scaler_profile KubernetesClusterAutoScalerProfileArgs

    A auto_scaler_profile block as defined below.

    automatic_channel_upgrade str

    The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none.

    azure_active_directory_role_based_access_control KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs

    A azure_active_directory_role_based_access_control block as defined below.

    azure_policy_enabled bool

    Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service

    confidential_computing KubernetesClusterConfidentialComputingArgs

    A confidential_computing block as defined below. For more details please the documentation

    disk_encryption_set_id str

    The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.

    dns_prefix str

    DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.

    dns_prefix_private_cluster str

    Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.

    edge_zone str

    Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    enable_pod_security_policy bool

    Deprecated:

    The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.

    http_application_routing_enabled bool

    Should HTTP Application Routing be enabled?

    http_proxy_config KubernetesClusterHttpProxyConfigArgs

    A http_proxy_config block as defined below.

    identity KubernetesClusterIdentityArgs

    An identity block as defined below. One of either identity or service_principal must be specified.

    image_cleaner_enabled bool

    Specifies whether Image Cleaner is enabled.

    image_cleaner_interval_hours int

    Specifies the interval in hours when images should be cleaned up. Defaults to 48.

    ingress_application_gateway KubernetesClusterIngressApplicationGatewayArgs

    A ingress_application_gateway block as defined below.

    key_management_service KubernetesClusterKeyManagementServiceArgs

    A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

    key_vault_secrets_provider KubernetesClusterKeyVaultSecretsProviderArgs

    A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.

    kubelet_identity KubernetesClusterKubeletIdentityArgs

    A kubelet_identity block as defined below.

    kubernetes_version str

    Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    linux_profile KubernetesClusterLinuxProfileArgs

    A linux_profile block as defined below.

    local_account_disabled bool

    If true local accounts will be disabled. See the documentation for more information.

    location str

    The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.

    maintenance_window KubernetesClusterMaintenanceWindowArgs

    A maintenance_window block as defined below.

    microsoft_defender KubernetesClusterMicrosoftDefenderArgs

    A microsoft_defender block as defined below.

    monitor_metrics KubernetesClusterMonitorMetricsArgs

    Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below.

    name str

    The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.

    network_profile KubernetesClusterNetworkProfileArgs

    A network_profile block as defined below. Changing this forces a new resource to be created.

    node_resource_group str

    The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.

    oidc_issuer_enabled bool

    Enable or Disable the OIDC issuer URL

    oms_agent KubernetesClusterOmsAgentArgs

    A oms_agent block as defined below.

    open_service_mesh_enabled bool

    Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.

    private_cluster_enabled bool

    Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created.

    private_cluster_public_fqdn_enabled bool

    Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false.

    private_dns_zone_id str

    Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.

    public_network_access_enabled bool

    Whether public network access is allowed for this Kubernetes Cluster. Defaults to true. Changing this forces a new resource to be created.

    role_based_access_control_enabled bool

    Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created.

    run_command_enabled bool

    Whether to enable run command for the cluster or not. Defaults to true.

    service_mesh_profile KubernetesClusterServiceMeshProfileArgs

    A service_mesh_profile block as defined below.

    service_principal KubernetesClusterServicePrincipalArgs

    A service_principal block as documented below. One of either identity or service_principal must be specified.

    sku_tier str

    The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free, and Standard (which includes the Uptime SLA). Defaults to Free.

    storage_profile KubernetesClusterStorageProfileArgs

    A storage_profile block as defined below.

    tags Mapping[str, str]

    A mapping of tags to assign to the resource.

    web_app_routing KubernetesClusterWebAppRoutingArgs

    A web_app_routing block as defined below.

    windows_profile KubernetesClusterWindowsProfileArgs

    A windows_profile block as defined below.

    workload_autoscaler_profile KubernetesClusterWorkloadAutoscalerProfileArgs

    A workload_autoscaler_profile block defined below.

    workload_identity_enabled bool

    Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to false.

    defaultNodePool Property Map

    A default_node_pool block as defined below.

    resourceGroupName String

    Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    aciConnectorLinux Property Map

    A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

    apiServerAccessProfile Property Map

    An api_server_access_profile block as defined below.

    apiServerAuthorizedIpRanges List<String>

    Deprecated:

    This property has been renamed to authorized_ip_ranges within the api_server_access_profile block and will be removed in v4.0 of the provider

    autoScalerProfile Property Map

    A auto_scaler_profile block as defined below.

    automaticChannelUpgrade String

    The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none.

    azureActiveDirectoryRoleBasedAccessControl Property Map

    A azure_active_directory_role_based_access_control block as defined below.

    azurePolicyEnabled Boolean

    Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service

    confidentialComputing Property Map

    A confidential_computing block as defined below. For more details please the documentation

    diskEncryptionSetId String

    The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.

    dnsPrefix String

    DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.

    dnsPrefixPrivateCluster String

    Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.

    edgeZone String

    Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    enablePodSecurityPolicy Boolean

    Deprecated:

    The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.

    httpApplicationRoutingEnabled Boolean

    Should HTTP Application Routing be enabled?

    httpProxyConfig Property Map

    A http_proxy_config block as defined below.

    identity Property Map

    An identity block as defined below. One of either identity or service_principal must be specified.

    imageCleanerEnabled Boolean

    Specifies whether Image Cleaner is enabled.

    imageCleanerIntervalHours Number

    Specifies the interval in hours when images should be cleaned up. Defaults to 48.

    ingressApplicationGateway Property Map

    A ingress_application_gateway block as defined below.

    keyManagementService Property Map

    A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

    keyVaultSecretsProvider Property Map

    A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.

    kubeletIdentity Property Map

    A kubelet_identity block as defined below.

    kubernetesVersion String

    Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    linuxProfile Property Map

    A linux_profile block as defined below.

    localAccountDisabled Boolean

    If true local accounts will be disabled. See the documentation for more information.

    location String

    The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.

    maintenanceWindow Property Map

    A maintenance_window block as defined below.

    microsoftDefender Property Map

    A microsoft_defender block as defined below.

    monitorMetrics Property Map

    Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below.

    name String

    The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.

    networkProfile Property Map

    A network_profile block as defined below. Changing this forces a new resource to be created.

    nodeResourceGroup String

    The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.

    oidcIssuerEnabled Boolean

    Enable or Disable the OIDC issuer URL

    omsAgent Property Map

    A oms_agent block as defined below.

    openServiceMeshEnabled Boolean

    Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.

    privateClusterEnabled Boolean

    Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created.

    privateClusterPublicFqdnEnabled Boolean

    Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false.

    privateDnsZoneId String

    Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.

    publicNetworkAccessEnabled Boolean

    Whether public network access is allowed for this Kubernetes Cluster. Defaults to true. Changing this forces a new resource to be created.

    roleBasedAccessControlEnabled Boolean

    Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created.

    runCommandEnabled Boolean

    Whether to enable run command for the cluster or not. Defaults to true.

    serviceMeshProfile Property Map

    A service_mesh_profile block as defined below.

    servicePrincipal Property Map

    A service_principal block as documented below. One of either identity or service_principal must be specified.

    skuTier String

    The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free, and Standard (which includes the Uptime SLA). Defaults to Free.

    storageProfile Property Map

    A storage_profile block as defined below.

    tags Map<String>

    A mapping of tags to assign to the resource.

    webAppRouting Property Map

    A web_app_routing block as defined below.

    windowsProfile Property Map

    A windows_profile block as defined below.

    workloadAutoscalerProfile Property Map

    A workload_autoscaler_profile block defined below.

    workloadIdentityEnabled Boolean

    Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to false.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the KubernetesCluster resource produces the following output properties:

    Fqdn string

    The FQDN of the Azure Kubernetes Managed Cluster.

    HttpApplicationRoutingZoneName string

    The Zone Name of the HTTP Application Routing.

    Id string

    The provider-assigned unique ID for this managed resource.

    KubeAdminConfigRaw string

    Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    KubeAdminConfigs List<KubernetesClusterKubeAdminConfig>

    A kube_admin_config block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    KubeConfigRaw string

    Raw Kubernetes config to be used by kubectl and other compatible tools.

    KubeConfigs List<KubernetesClusterKubeConfig>

    A kube_config block as defined below.

    NodeResourceGroupId string

    The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.

    OidcIssuerUrl string

    The OIDC issuer URL that is associated with the cluster.

    PortalFqdn string

    The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    PrivateFqdn string

    The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    Fqdn string

    The FQDN of the Azure Kubernetes Managed Cluster.

    HttpApplicationRoutingZoneName string

    The Zone Name of the HTTP Application Routing.

    Id string

    The provider-assigned unique ID for this managed resource.

    KubeAdminConfigRaw string

    Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    KubeAdminConfigs []KubernetesClusterKubeAdminConfig

    A kube_admin_config block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    KubeConfigRaw string

    Raw Kubernetes config to be used by kubectl and other compatible tools.

    KubeConfigs []KubernetesClusterKubeConfig

    A kube_config block as defined below.

    NodeResourceGroupId string

    The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.

    OidcIssuerUrl string

    The OIDC issuer URL that is associated with the cluster.

    PortalFqdn string

    The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    PrivateFqdn string

    The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    fqdn String

    The FQDN of the Azure Kubernetes Managed Cluster.

    httpApplicationRoutingZoneName String

    The Zone Name of the HTTP Application Routing.

    id String

    The provider-assigned unique ID for this managed resource.

    kubeAdminConfigRaw String

    Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kubeAdminConfigs List<KubernetesClusterKubeAdminConfig>

    A kube_admin_config block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kubeConfigRaw String

    Raw Kubernetes config to be used by kubectl and other compatible tools.

    kubeConfigs List<KubernetesClusterKubeConfig>

    A kube_config block as defined below.

    nodeResourceGroupId String

    The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.

    oidcIssuerUrl String

    The OIDC issuer URL that is associated with the cluster.

    portalFqdn String

    The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    privateFqdn String

    The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    fqdn string

    The FQDN of the Azure Kubernetes Managed Cluster.

    httpApplicationRoutingZoneName string

    The Zone Name of the HTTP Application Routing.

    id string

    The provider-assigned unique ID for this managed resource.

    kubeAdminConfigRaw string

    Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kubeAdminConfigs KubernetesClusterKubeAdminConfig[]

    A kube_admin_config block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kubeConfigRaw string

    Raw Kubernetes config to be used by kubectl and other compatible tools.

    kubeConfigs KubernetesClusterKubeConfig[]

    A kube_config block as defined below.

    nodeResourceGroupId string

    The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.

    oidcIssuerUrl string

    The OIDC issuer URL that is associated with the cluster.

    portalFqdn string

    The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    privateFqdn string

    The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    fqdn str

    The FQDN of the Azure Kubernetes Managed Cluster.

    http_application_routing_zone_name str

    The Zone Name of the HTTP Application Routing.

    id str

    The provider-assigned unique ID for this managed resource.

    kube_admin_config_raw str

    Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kube_admin_configs Sequence[KubernetesClusterKubeAdminConfig]

    A kube_admin_config block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kube_config_raw str

    Raw Kubernetes config to be used by kubectl and other compatible tools.

    kube_configs Sequence[KubernetesClusterKubeConfig]

    A kube_config block as defined below.

    node_resource_group_id str

    The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.

    oidc_issuer_url str

    The OIDC issuer URL that is associated with the cluster.

    portal_fqdn str

    The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    private_fqdn str

    The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    fqdn String

    The FQDN of the Azure Kubernetes Managed Cluster.

    httpApplicationRoutingZoneName String

    The Zone Name of the HTTP Application Routing.

    id String

    The provider-assigned unique ID for this managed resource.

    kubeAdminConfigRaw String

    Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kubeAdminConfigs List<Property Map>

    A kube_admin_config block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kubeConfigRaw String

    Raw Kubernetes config to be used by kubectl and other compatible tools.

    kubeConfigs List<Property Map>

    A kube_config block as defined below.

    nodeResourceGroupId String

    The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.

    oidcIssuerUrl String

    The OIDC issuer URL that is associated with the cluster.

    portalFqdn String

    The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    privateFqdn String

    The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    Look up Existing KubernetesCluster Resource

    Get an existing KubernetesCluster resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: KubernetesClusterState, opts?: CustomResourceOptions): KubernetesCluster
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            aci_connector_linux: Optional[KubernetesClusterAciConnectorLinuxArgs] = None,
            api_server_access_profile: Optional[KubernetesClusterApiServerAccessProfileArgs] = None,
            api_server_authorized_ip_ranges: Optional[Sequence[str]] = None,
            auto_scaler_profile: Optional[KubernetesClusterAutoScalerProfileArgs] = None,
            automatic_channel_upgrade: Optional[str] = None,
            azure_active_directory_role_based_access_control: Optional[KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs] = None,
            azure_policy_enabled: Optional[bool] = None,
            confidential_computing: Optional[KubernetesClusterConfidentialComputingArgs] = None,
            default_node_pool: Optional[KubernetesClusterDefaultNodePoolArgs] = None,
            disk_encryption_set_id: Optional[str] = None,
            dns_prefix: Optional[str] = None,
            dns_prefix_private_cluster: Optional[str] = None,
            edge_zone: Optional[str] = None,
            enable_pod_security_policy: Optional[bool] = None,
            fqdn: Optional[str] = None,
            http_application_routing_enabled: Optional[bool] = None,
            http_application_routing_zone_name: Optional[str] = None,
            http_proxy_config: Optional[KubernetesClusterHttpProxyConfigArgs] = None,
            identity: Optional[KubernetesClusterIdentityArgs] = None,
            image_cleaner_enabled: Optional[bool] = None,
            image_cleaner_interval_hours: Optional[int] = None,
            ingress_application_gateway: Optional[KubernetesClusterIngressApplicationGatewayArgs] = None,
            key_management_service: Optional[KubernetesClusterKeyManagementServiceArgs] = None,
            key_vault_secrets_provider: Optional[KubernetesClusterKeyVaultSecretsProviderArgs] = None,
            kube_admin_config_raw: Optional[str] = None,
            kube_admin_configs: Optional[Sequence[KubernetesClusterKubeAdminConfigArgs]] = None,
            kube_config_raw: Optional[str] = None,
            kube_configs: Optional[Sequence[KubernetesClusterKubeConfigArgs]] = None,
            kubelet_identity: Optional[KubernetesClusterKubeletIdentityArgs] = None,
            kubernetes_version: Optional[str] = None,
            linux_profile: Optional[KubernetesClusterLinuxProfileArgs] = None,
            local_account_disabled: Optional[bool] = None,
            location: Optional[str] = None,
            maintenance_window: Optional[KubernetesClusterMaintenanceWindowArgs] = None,
            microsoft_defender: Optional[KubernetesClusterMicrosoftDefenderArgs] = None,
            monitor_metrics: Optional[KubernetesClusterMonitorMetricsArgs] = None,
            name: Optional[str] = None,
            network_profile: Optional[KubernetesClusterNetworkProfileArgs] = None,
            node_resource_group: Optional[str] = None,
            node_resource_group_id: Optional[str] = None,
            oidc_issuer_enabled: Optional[bool] = None,
            oidc_issuer_url: Optional[str] = None,
            oms_agent: Optional[KubernetesClusterOmsAgentArgs] = None,
            open_service_mesh_enabled: Optional[bool] = None,
            portal_fqdn: Optional[str] = None,
            private_cluster_enabled: Optional[bool] = None,
            private_cluster_public_fqdn_enabled: Optional[bool] = None,
            private_dns_zone_id: Optional[str] = None,
            private_fqdn: Optional[str] = None,
            public_network_access_enabled: Optional[bool] = None,
            resource_group_name: Optional[str] = None,
            role_based_access_control_enabled: Optional[bool] = None,
            run_command_enabled: Optional[bool] = None,
            service_mesh_profile: Optional[KubernetesClusterServiceMeshProfileArgs] = None,
            service_principal: Optional[KubernetesClusterServicePrincipalArgs] = None,
            sku_tier: Optional[str] = None,
            storage_profile: Optional[KubernetesClusterStorageProfileArgs] = None,
            tags: Optional[Mapping[str, str]] = None,
            web_app_routing: Optional[KubernetesClusterWebAppRoutingArgs] = None,
            windows_profile: Optional[KubernetesClusterWindowsProfileArgs] = None,
            workload_autoscaler_profile: Optional[KubernetesClusterWorkloadAutoscalerProfileArgs] = None,
            workload_identity_enabled: Optional[bool] = None) -> KubernetesCluster
    func GetKubernetesCluster(ctx *Context, name string, id IDInput, state *KubernetesClusterState, opts ...ResourceOption) (*KubernetesCluster, error)
    public static KubernetesCluster Get(string name, Input<string> id, KubernetesClusterState? state, CustomResourceOptions? opts = null)
    public static KubernetesCluster get(String name, Output<String> id, KubernetesClusterState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AciConnectorLinux KubernetesClusterAciConnectorLinuxArgs

    A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

    ApiServerAccessProfile KubernetesClusterApiServerAccessProfileArgs

    An api_server_access_profile block as defined below.

    ApiServerAuthorizedIpRanges List<string>

    Deprecated:

    This property has been renamed to authorized_ip_ranges within the api_server_access_profile block and will be removed in v4.0 of the provider

    AutoScalerProfile KubernetesClusterAutoScalerProfileArgs

    A auto_scaler_profile block as defined below.

    AutomaticChannelUpgrade string

    The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none.

    AzureActiveDirectoryRoleBasedAccessControl KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs

    A azure_active_directory_role_based_access_control block as defined below.

    AzurePolicyEnabled bool

    Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service

    ConfidentialComputing KubernetesClusterConfidentialComputingArgs

    A confidential_computing block as defined below. For more details please the documentation

    DefaultNodePool KubernetesClusterDefaultNodePoolArgs

    A default_node_pool block as defined below.

    DiskEncryptionSetId string

    The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.

    DnsPrefix string

    DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.

    DnsPrefixPrivateCluster string

    Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.

    EdgeZone string

    Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    EnablePodSecurityPolicy bool

    Deprecated:

    The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.

    Fqdn string

    The FQDN of the Azure Kubernetes Managed Cluster.

    HttpApplicationRoutingEnabled bool

    Should HTTP Application Routing be enabled?

    HttpApplicationRoutingZoneName string

    The Zone Name of the HTTP Application Routing.

    HttpProxyConfig KubernetesClusterHttpProxyConfigArgs

    A http_proxy_config block as defined below.

    Identity KubernetesClusterIdentityArgs

    An identity block as defined below. One of either identity or service_principal must be specified.

    ImageCleanerEnabled bool

    Specifies whether Image Cleaner is enabled.

    ImageCleanerIntervalHours int

    Specifies the interval in hours when images should be cleaned up. Defaults to 48.

    IngressApplicationGateway KubernetesClusterIngressApplicationGatewayArgs

    A ingress_application_gateway block as defined below.

    KeyManagementService KubernetesClusterKeyManagementServiceArgs

    A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

    KeyVaultSecretsProvider KubernetesClusterKeyVaultSecretsProviderArgs

    A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.

    KubeAdminConfigRaw string

    Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    KubeAdminConfigs List<KubernetesClusterKubeAdminConfigArgs>

    A kube_admin_config block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    KubeConfigRaw string

    Raw Kubernetes config to be used by kubectl and other compatible tools.

    KubeConfigs List<KubernetesClusterKubeConfigArgs>

    A kube_config block as defined below.

    KubeletIdentity KubernetesClusterKubeletIdentityArgs

    A kubelet_identity block as defined below.

    KubernetesVersion string

    Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    LinuxProfile KubernetesClusterLinuxProfileArgs

    A linux_profile block as defined below.

    LocalAccountDisabled bool

    If true local accounts will be disabled. See the documentation for more information.

    Location string

    The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.

    MaintenanceWindow KubernetesClusterMaintenanceWindowArgs

    A maintenance_window block as defined below.

    MicrosoftDefender KubernetesClusterMicrosoftDefenderArgs

    A microsoft_defender block as defined below.

    MonitorMetrics KubernetesClusterMonitorMetricsArgs

    Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below.

    Name string

    The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.

    NetworkProfile KubernetesClusterNetworkProfileArgs

    A network_profile block as defined below. Changing this forces a new resource to be created.

    NodeResourceGroup string

    The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.

    NodeResourceGroupId string

    The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.

    OidcIssuerEnabled bool

    Enable or Disable the OIDC issuer URL

    OidcIssuerUrl string

    The OIDC issuer URL that is associated with the cluster.

    OmsAgent KubernetesClusterOmsAgentArgs

    A oms_agent block as defined below.

    OpenServiceMeshEnabled bool

    Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.

    PortalFqdn string

    The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    PrivateClusterEnabled bool

    Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created.

    PrivateClusterPublicFqdnEnabled bool

    Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false.

    PrivateDnsZoneId string

    Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.

    PrivateFqdn string

    The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    PublicNetworkAccessEnabled bool

    Whether public network access is allowed for this Kubernetes Cluster. Defaults to true. Changing this forces a new resource to be created.

    ResourceGroupName string

    Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    RoleBasedAccessControlEnabled bool

    Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created.

    RunCommandEnabled bool

    Whether to enable run command for the cluster or not. Defaults to true.

    ServiceMeshProfile KubernetesClusterServiceMeshProfileArgs

    A service_mesh_profile block as defined below.

    ServicePrincipal KubernetesClusterServicePrincipalArgs

    A service_principal block as documented below. One of either identity or service_principal must be specified.

    SkuTier string

    The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free, and Standard (which includes the Uptime SLA). Defaults to Free.

    StorageProfile KubernetesClusterStorageProfileArgs

    A storage_profile block as defined below.

    Tags Dictionary<string, string>

    A mapping of tags to assign to the resource.

    WebAppRouting KubernetesClusterWebAppRoutingArgs

    A web_app_routing block as defined below.

    WindowsProfile KubernetesClusterWindowsProfileArgs

    A windows_profile block as defined below.

    WorkloadAutoscalerProfile KubernetesClusterWorkloadAutoscalerProfileArgs

    A workload_autoscaler_profile block defined below.

    WorkloadIdentityEnabled bool

    Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to false.

    AciConnectorLinux KubernetesClusterAciConnectorLinuxArgs

    A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

    ApiServerAccessProfile KubernetesClusterApiServerAccessProfileArgs

    An api_server_access_profile block as defined below.

    ApiServerAuthorizedIpRanges []string

    Deprecated:

    This property has been renamed to authorized_ip_ranges within the api_server_access_profile block and will be removed in v4.0 of the provider

    AutoScalerProfile KubernetesClusterAutoScalerProfileArgs

    A auto_scaler_profile block as defined below.

    AutomaticChannelUpgrade string

    The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none.

    AzureActiveDirectoryRoleBasedAccessControl KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs

    A azure_active_directory_role_based_access_control block as defined below.

    AzurePolicyEnabled bool

    Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service

    ConfidentialComputing KubernetesClusterConfidentialComputingArgs

    A confidential_computing block as defined below. For more details please the documentation

    DefaultNodePool KubernetesClusterDefaultNodePoolArgs

    A default_node_pool block as defined below.

    DiskEncryptionSetId string

    The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.

    DnsPrefix string

    DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.

    DnsPrefixPrivateCluster string

    Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.

    EdgeZone string

    Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    EnablePodSecurityPolicy bool

    Deprecated:

    The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.

    Fqdn string

    The FQDN of the Azure Kubernetes Managed Cluster.

    HttpApplicationRoutingEnabled bool

    Should HTTP Application Routing be enabled?

    HttpApplicationRoutingZoneName string

    The Zone Name of the HTTP Application Routing.

    HttpProxyConfig KubernetesClusterHttpProxyConfigArgs

    A http_proxy_config block as defined below.

    Identity KubernetesClusterIdentityArgs

    An identity block as defined below. One of either identity or service_principal must be specified.

    ImageCleanerEnabled bool

    Specifies whether Image Cleaner is enabled.

    ImageCleanerIntervalHours int

    Specifies the interval in hours when images should be cleaned up. Defaults to 48.

    IngressApplicationGateway KubernetesClusterIngressApplicationGatewayArgs

    A ingress_application_gateway block as defined below.

    KeyManagementService KubernetesClusterKeyManagementServiceArgs

    A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

    KeyVaultSecretsProvider KubernetesClusterKeyVaultSecretsProviderArgs

    A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.

    KubeAdminConfigRaw string

    Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    KubeAdminConfigs []KubernetesClusterKubeAdminConfigArgs

    A kube_admin_config block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    KubeConfigRaw string

    Raw Kubernetes config to be used by kubectl and other compatible tools.

    KubeConfigs []KubernetesClusterKubeConfigArgs

    A kube_config block as defined below.

    KubeletIdentity KubernetesClusterKubeletIdentityArgs

    A kubelet_identity block as defined below.

    KubernetesVersion string

    Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    LinuxProfile KubernetesClusterLinuxProfileArgs

    A linux_profile block as defined below.

    LocalAccountDisabled bool

    If true local accounts will be disabled. See the documentation for more information.

    Location string

    The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.

    MaintenanceWindow KubernetesClusterMaintenanceWindowArgs

    A maintenance_window block as defined below.

    MicrosoftDefender KubernetesClusterMicrosoftDefenderArgs

    A microsoft_defender block as defined below.

    MonitorMetrics KubernetesClusterMonitorMetricsArgs

    Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below.

    Name string

    The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.

    NetworkProfile KubernetesClusterNetworkProfileArgs

    A network_profile block as defined below. Changing this forces a new resource to be created.

    NodeResourceGroup string

    The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.

    NodeResourceGroupId string

    The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.

    OidcIssuerEnabled bool

    Enable or Disable the OIDC issuer URL

    OidcIssuerUrl string

    The OIDC issuer URL that is associated with the cluster.

    OmsAgent KubernetesClusterOmsAgentArgs

    A oms_agent block as defined below.

    OpenServiceMeshEnabled bool

    Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.

    PortalFqdn string

    The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    PrivateClusterEnabled bool

    Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created.

    PrivateClusterPublicFqdnEnabled bool

    Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false.

    PrivateDnsZoneId string

    Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.

    PrivateFqdn string

    The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    PublicNetworkAccessEnabled bool

    Whether public network access is allowed for this Kubernetes Cluster. Defaults to true. Changing this forces a new resource to be created.

    ResourceGroupName string

    Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    RoleBasedAccessControlEnabled bool

    Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created.

    RunCommandEnabled bool

    Whether to enable run command for the cluster or not. Defaults to true.

    ServiceMeshProfile KubernetesClusterServiceMeshProfileArgs

    A service_mesh_profile block as defined below.

    ServicePrincipal KubernetesClusterServicePrincipalArgs

    A service_principal block as documented below. One of either identity or service_principal must be specified.

    SkuTier string

    The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free, and Standard (which includes the Uptime SLA). Defaults to Free.

    StorageProfile KubernetesClusterStorageProfileArgs

    A storage_profile block as defined below.

    Tags map[string]string

    A mapping of tags to assign to the resource.

    WebAppRouting KubernetesClusterWebAppRoutingArgs

    A web_app_routing block as defined below.

    WindowsProfile KubernetesClusterWindowsProfileArgs

    A windows_profile block as defined below.

    WorkloadAutoscalerProfile KubernetesClusterWorkloadAutoscalerProfileArgs

    A workload_autoscaler_profile block defined below.

    WorkloadIdentityEnabled bool

    Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to false.

    aciConnectorLinux KubernetesClusterAciConnectorLinuxArgs

    A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

    apiServerAccessProfile KubernetesClusterApiServerAccessProfileArgs

    An api_server_access_profile block as defined below.

    apiServerAuthorizedIpRanges List<String>

    Deprecated:

    This property has been renamed to authorized_ip_ranges within the api_server_access_profile block and will be removed in v4.0 of the provider

    autoScalerProfile KubernetesClusterAutoScalerProfileArgs

    A auto_scaler_profile block as defined below.

    automaticChannelUpgrade String

    The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none.

    azureActiveDirectoryRoleBasedAccessControl KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs

    A azure_active_directory_role_based_access_control block as defined below.

    azurePolicyEnabled Boolean

    Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service

    confidentialComputing KubernetesClusterConfidentialComputingArgs

    A confidential_computing block as defined below. For more details please the documentation

    defaultNodePool KubernetesClusterDefaultNodePoolArgs

    A default_node_pool block as defined below.

    diskEncryptionSetId String

    The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.

    dnsPrefix String

    DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.

    dnsPrefixPrivateCluster String

    Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.

    edgeZone String

    Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    enablePodSecurityPolicy Boolean

    Deprecated:

    The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.

    fqdn String

    The FQDN of the Azure Kubernetes Managed Cluster.

    httpApplicationRoutingEnabled Boolean

    Should HTTP Application Routing be enabled?

    httpApplicationRoutingZoneName String

    The Zone Name of the HTTP Application Routing.

    httpProxyConfig KubernetesClusterHttpProxyConfigArgs

    A http_proxy_config block as defined below.

    identity KubernetesClusterIdentityArgs

    An identity block as defined below. One of either identity or service_principal must be specified.

    imageCleanerEnabled Boolean

    Specifies whether Image Cleaner is enabled.

    imageCleanerIntervalHours Integer

    Specifies the interval in hours when images should be cleaned up. Defaults to 48.

    ingressApplicationGateway KubernetesClusterIngressApplicationGatewayArgs

    A ingress_application_gateway block as defined below.

    keyManagementService KubernetesClusterKeyManagementServiceArgs

    A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

    keyVaultSecretsProvider KubernetesClusterKeyVaultSecretsProviderArgs

    A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.

    kubeAdminConfigRaw String

    Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kubeAdminConfigs List<KubernetesClusterKubeAdminConfigArgs>

    A kube_admin_config block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kubeConfigRaw String

    Raw Kubernetes config to be used by kubectl and other compatible tools.

    kubeConfigs List<KubernetesClusterKubeConfigArgs>

    A kube_config block as defined below.

    kubeletIdentity KubernetesClusterKubeletIdentityArgs

    A kubelet_identity block as defined below.

    kubernetesVersion String

    Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    linuxProfile KubernetesClusterLinuxProfileArgs

    A linux_profile block as defined below.

    localAccountDisabled Boolean

    If true local accounts will be disabled. See the documentation for more information.

    location String

    The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.

    maintenanceWindow KubernetesClusterMaintenanceWindowArgs

    A maintenance_window block as defined below.

    microsoftDefender KubernetesClusterMicrosoftDefenderArgs

    A microsoft_defender block as defined below.

    monitorMetrics KubernetesClusterMonitorMetricsArgs

    Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below.

    name String

    The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.

    networkProfile KubernetesClusterNetworkProfileArgs

    A network_profile block as defined below. Changing this forces a new resource to be created.

    nodeResourceGroup String

    The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.

    nodeResourceGroupId String

    The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.

    oidcIssuerEnabled Boolean

    Enable or Disable the OIDC issuer URL

    oidcIssuerUrl String

    The OIDC issuer URL that is associated with the cluster.

    omsAgent KubernetesClusterOmsAgentArgs

    A oms_agent block as defined below.

    openServiceMeshEnabled Boolean

    Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.

    portalFqdn String

    The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    privateClusterEnabled Boolean

    Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created.

    privateClusterPublicFqdnEnabled Boolean

    Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false.

    privateDnsZoneId String

    Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.

    privateFqdn String

    The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    publicNetworkAccessEnabled Boolean

    Whether public network access is allowed for this Kubernetes Cluster. Defaults to true. Changing this forces a new resource to be created.

    resourceGroupName String

    Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    roleBasedAccessControlEnabled Boolean

    Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created.

    runCommandEnabled Boolean

    Whether to enable run command for the cluster or not. Defaults to true.

    serviceMeshProfile KubernetesClusterServiceMeshProfileArgs

    A service_mesh_profile block as defined below.

    servicePrincipal KubernetesClusterServicePrincipalArgs

    A service_principal block as documented below. One of either identity or service_principal must be specified.

    skuTier String

    The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free, and Standard (which includes the Uptime SLA). Defaults to Free.

    storageProfile KubernetesClusterStorageProfileArgs

    A storage_profile block as defined below.

    tags Map<String,String>

    A mapping of tags to assign to the resource.

    webAppRouting KubernetesClusterWebAppRoutingArgs

    A web_app_routing block as defined below.

    windowsProfile KubernetesClusterWindowsProfileArgs

    A windows_profile block as defined below.

    workloadAutoscalerProfile KubernetesClusterWorkloadAutoscalerProfileArgs

    A workload_autoscaler_profile block defined below.

    workloadIdentityEnabled Boolean

    Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to false.

    aciConnectorLinux KubernetesClusterAciConnectorLinuxArgs

    A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

    apiServerAccessProfile KubernetesClusterApiServerAccessProfileArgs

    An api_server_access_profile block as defined below.

    apiServerAuthorizedIpRanges string[]

    Deprecated:

    This property has been renamed to authorized_ip_ranges within the api_server_access_profile block and will be removed in v4.0 of the provider

    autoScalerProfile KubernetesClusterAutoScalerProfileArgs

    A auto_scaler_profile block as defined below.

    automaticChannelUpgrade string

    The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none.

    azureActiveDirectoryRoleBasedAccessControl KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs

    A azure_active_directory_role_based_access_control block as defined below.

    azurePolicyEnabled boolean

    Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service

    confidentialComputing KubernetesClusterConfidentialComputingArgs

    A confidential_computing block as defined below. For more details please the documentation

    defaultNodePool KubernetesClusterDefaultNodePoolArgs

    A default_node_pool block as defined below.

    diskEncryptionSetId string

    The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.

    dnsPrefix string

    DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.

    dnsPrefixPrivateCluster string

    Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.

    edgeZone string

    Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    enablePodSecurityPolicy boolean

    Deprecated:

    The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.

    fqdn string

    The FQDN of the Azure Kubernetes Managed Cluster.

    httpApplicationRoutingEnabled boolean

    Should HTTP Application Routing be enabled?

    httpApplicationRoutingZoneName string

    The Zone Name of the HTTP Application Routing.

    httpProxyConfig KubernetesClusterHttpProxyConfigArgs

    A http_proxy_config block as defined below.

    identity KubernetesClusterIdentityArgs

    An identity block as defined below. One of either identity or service_principal must be specified.

    imageCleanerEnabled boolean

    Specifies whether Image Cleaner is enabled.

    imageCleanerIntervalHours number

    Specifies the interval in hours when images should be cleaned up. Defaults to 48.

    ingressApplicationGateway KubernetesClusterIngressApplicationGatewayArgs

    A ingress_application_gateway block as defined below.

    keyManagementService KubernetesClusterKeyManagementServiceArgs

    A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

    keyVaultSecretsProvider KubernetesClusterKeyVaultSecretsProviderArgs

    A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.

    kubeAdminConfigRaw string

    Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kubeAdminConfigs KubernetesClusterKubeAdminConfigArgs[]

    A kube_admin_config block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kubeConfigRaw string

    Raw Kubernetes config to be used by kubectl and other compatible tools.

    kubeConfigs KubernetesClusterKubeConfigArgs[]

    A kube_config block as defined below.

    kubeletIdentity KubernetesClusterKubeletIdentityArgs

    A kubelet_identity block as defined below.

    kubernetesVersion string

    Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    linuxProfile KubernetesClusterLinuxProfileArgs

    A linux_profile block as defined below.

    localAccountDisabled boolean

    If true local accounts will be disabled. See the documentation for more information.

    location string

    The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.

    maintenanceWindow KubernetesClusterMaintenanceWindowArgs

    A maintenance_window block as defined below.

    microsoftDefender KubernetesClusterMicrosoftDefenderArgs

    A microsoft_defender block as defined below.

    monitorMetrics KubernetesClusterMonitorMetricsArgs

    Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below.

    name string

    The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.

    networkProfile KubernetesClusterNetworkProfileArgs

    A network_profile block as defined below. Changing this forces a new resource to be created.

    nodeResourceGroup string

    The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.

    nodeResourceGroupId string

    The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.

    oidcIssuerEnabled boolean

    Enable or Disable the OIDC issuer URL

    oidcIssuerUrl string

    The OIDC issuer URL that is associated with the cluster.

    omsAgent KubernetesClusterOmsAgentArgs

    A oms_agent block as defined below.

    openServiceMeshEnabled boolean

    Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.

    portalFqdn string

    The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    privateClusterEnabled boolean

    Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created.

    privateClusterPublicFqdnEnabled boolean

    Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false.

    privateDnsZoneId string

    Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.

    privateFqdn string

    The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    publicNetworkAccessEnabled boolean

    Whether public network access is allowed for this Kubernetes Cluster. Defaults to true. Changing this forces a new resource to be created.

    resourceGroupName string

    Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    roleBasedAccessControlEnabled boolean

    Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created.

    runCommandEnabled boolean

    Whether to enable run command for the cluster or not. Defaults to true.

    serviceMeshProfile KubernetesClusterServiceMeshProfileArgs

    A service_mesh_profile block as defined below.

    servicePrincipal KubernetesClusterServicePrincipalArgs

    A service_principal block as documented below. One of either identity or service_principal must be specified.

    skuTier string

    The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free, and Standard (which includes the Uptime SLA). Defaults to Free.

    storageProfile KubernetesClusterStorageProfileArgs

    A storage_profile block as defined below.

    tags {[key: string]: string}

    A mapping of tags to assign to the resource.

    webAppRouting KubernetesClusterWebAppRoutingArgs

    A web_app_routing block as defined below.

    windowsProfile KubernetesClusterWindowsProfileArgs

    A windows_profile block as defined below.

    workloadAutoscalerProfile KubernetesClusterWorkloadAutoscalerProfileArgs

    A workload_autoscaler_profile block defined below.

    workloadIdentityEnabled boolean

    Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to false.

    aci_connector_linux KubernetesClusterAciConnectorLinuxArgs

    A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

    api_server_access_profile KubernetesClusterApiServerAccessProfileArgs

    An api_server_access_profile block as defined below.

    api_server_authorized_ip_ranges Sequence[str]

    Deprecated:

    This property has been renamed to authorized_ip_ranges within the api_server_access_profile block and will be removed in v4.0 of the provider

    auto_scaler_profile KubernetesClusterAutoScalerProfileArgs

    A auto_scaler_profile block as defined below.

    automatic_channel_upgrade str

    The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none.

    azure_active_directory_role_based_access_control KubernetesClusterAzureActiveDirectoryRoleBasedAccessControlArgs

    A azure_active_directory_role_based_access_control block as defined below.

    azure_policy_enabled bool

    Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service

    confidential_computing KubernetesClusterConfidentialComputingArgs

    A confidential_computing block as defined below. For more details please the documentation

    default_node_pool KubernetesClusterDefaultNodePoolArgs

    A default_node_pool block as defined below.

    disk_encryption_set_id str

    The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.

    dns_prefix str

    DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.

    dns_prefix_private_cluster str

    Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.

    edge_zone str

    Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    enable_pod_security_policy bool

    Deprecated:

    The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.

    fqdn str

    The FQDN of the Azure Kubernetes Managed Cluster.

    http_application_routing_enabled bool

    Should HTTP Application Routing be enabled?

    http_application_routing_zone_name str

    The Zone Name of the HTTP Application Routing.

    http_proxy_config KubernetesClusterHttpProxyConfigArgs

    A http_proxy_config block as defined below.

    identity KubernetesClusterIdentityArgs

    An identity block as defined below. One of either identity or service_principal must be specified.

    image_cleaner_enabled bool

    Specifies whether Image Cleaner is enabled.

    image_cleaner_interval_hours int

    Specifies the interval in hours when images should be cleaned up. Defaults to 48.

    ingress_application_gateway KubernetesClusterIngressApplicationGatewayArgs

    A ingress_application_gateway block as defined below.

    key_management_service KubernetesClusterKeyManagementServiceArgs

    A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

    key_vault_secrets_provider KubernetesClusterKeyVaultSecretsProviderArgs

    A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.

    kube_admin_config_raw str

    Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kube_admin_configs Sequence[KubernetesClusterKubeAdminConfigArgs]

    A kube_admin_config block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kube_config_raw str

    Raw Kubernetes config to be used by kubectl and other compatible tools.

    kube_configs Sequence[KubernetesClusterKubeConfigArgs]

    A kube_config block as defined below.

    kubelet_identity KubernetesClusterKubeletIdentityArgs

    A kubelet_identity block as defined below.

    kubernetes_version str

    Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    linux_profile KubernetesClusterLinuxProfileArgs

    A linux_profile block as defined below.

    local_account_disabled bool

    If true local accounts will be disabled. See the documentation for more information.

    location str

    The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.

    maintenance_window KubernetesClusterMaintenanceWindowArgs

    A maintenance_window block as defined below.

    microsoft_defender KubernetesClusterMicrosoftDefenderArgs

    A microsoft_defender block as defined below.

    monitor_metrics KubernetesClusterMonitorMetricsArgs

    Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below.

    name str

    The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.

    network_profile KubernetesClusterNetworkProfileArgs

    A network_profile block as defined below. Changing this forces a new resource to be created.

    node_resource_group str

    The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.

    node_resource_group_id str

    The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.

    oidc_issuer_enabled bool

    Enable or Disable the OIDC issuer URL

    oidc_issuer_url str

    The OIDC issuer URL that is associated with the cluster.

    oms_agent KubernetesClusterOmsAgentArgs

    A oms_agent block as defined below.

    open_service_mesh_enabled bool

    Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.

    portal_fqdn str

    The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    private_cluster_enabled bool

    Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created.

    private_cluster_public_fqdn_enabled bool

    Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false.

    private_dns_zone_id str

    Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.

    private_fqdn str

    The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    public_network_access_enabled bool

    Whether public network access is allowed for this Kubernetes Cluster. Defaults to true. Changing this forces a new resource to be created.

    resource_group_name str

    Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    role_based_access_control_enabled bool

    Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created.

    run_command_enabled bool

    Whether to enable run command for the cluster or not. Defaults to true.

    service_mesh_profile KubernetesClusterServiceMeshProfileArgs

    A service_mesh_profile block as defined below.

    service_principal KubernetesClusterServicePrincipalArgs

    A service_principal block as documented below. One of either identity or service_principal must be specified.

    sku_tier str

    The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free, and Standard (which includes the Uptime SLA). Defaults to Free.

    storage_profile KubernetesClusterStorageProfileArgs

    A storage_profile block as defined below.

    tags Mapping[str, str]

    A mapping of tags to assign to the resource.

    web_app_routing KubernetesClusterWebAppRoutingArgs

    A web_app_routing block as defined below.

    windows_profile KubernetesClusterWindowsProfileArgs

    A windows_profile block as defined below.

    workload_autoscaler_profile KubernetesClusterWorkloadAutoscalerProfileArgs

    A workload_autoscaler_profile block defined below.

    workload_identity_enabled bool

    Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to false.

    aciConnectorLinux Property Map

    A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

    apiServerAccessProfile Property Map

    An api_server_access_profile block as defined below.

    apiServerAuthorizedIpRanges List<String>

    Deprecated:

    This property has been renamed to authorized_ip_ranges within the api_server_access_profile block and will be removed in v4.0 of the provider

    autoScalerProfile Property Map

    A auto_scaler_profile block as defined below.

    automaticChannelUpgrade String

    The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none.

    azureActiveDirectoryRoleBasedAccessControl Property Map

    A azure_active_directory_role_based_access_control block as defined below.

    azurePolicyEnabled Boolean

    Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service

    confidentialComputing Property Map

    A confidential_computing block as defined below. For more details please the documentation

    defaultNodePool Property Map

    A default_node_pool block as defined below.

    diskEncryptionSetId String

    The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation. Changing this forces a new resource to be created.

    dnsPrefix String

    DNS prefix specified when creating the managed cluster. Possible values must begin and end with a letter or number, contain only letters, numbers, and hyphens and be between 1 and 54 characters in length. Changing this forces a new resource to be created.

    dnsPrefixPrivateCluster String

    Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created.

    edgeZone String

    Specifies the Edge Zone within the Azure Region where this Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    enablePodSecurityPolicy Boolean

    Deprecated:

    The AKS API has removed support for this field on 2020-10-15 and is no longer possible to configure this the Pod Security Policy.

    fqdn String

    The FQDN of the Azure Kubernetes Managed Cluster.

    httpApplicationRoutingEnabled Boolean

    Should HTTP Application Routing be enabled?

    httpApplicationRoutingZoneName String

    The Zone Name of the HTTP Application Routing.

    httpProxyConfig Property Map

    A http_proxy_config block as defined below.

    identity Property Map

    An identity block as defined below. One of either identity or service_principal must be specified.

    imageCleanerEnabled Boolean

    Specifies whether Image Cleaner is enabled.

    imageCleanerIntervalHours Number

    Specifies the interval in hours when images should be cleaned up. Defaults to 48.

    ingressApplicationGateway Property Map

    A ingress_application_gateway block as defined below.

    keyManagementService Property Map

    A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

    keyVaultSecretsProvider Property Map

    A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS.

    kubeAdminConfigRaw String

    Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kubeAdminConfigs List<Property Map>

    A kube_admin_config block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled.

    kubeConfigRaw String

    Raw Kubernetes config to be used by kubectl and other compatible tools.

    kubeConfigs List<Property Map>

    A kube_config block as defined below.

    kubeletIdentity Property Map

    A kubelet_identity block as defined below.

    kubernetesVersion String

    Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    linuxProfile Property Map

    A linux_profile block as defined below.

    localAccountDisabled Boolean

    If true local accounts will be disabled. See the documentation for more information.

    location String

    The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created.

    maintenanceWindow Property Map

    A maintenance_window block as defined below.

    microsoftDefender Property Map

    A microsoft_defender block as defined below.

    monitorMetrics Property Map

    Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below.

    name String

    The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created.

    networkProfile Property Map

    A network_profile block as defined below. Changing this forces a new resource to be created.

    nodeResourceGroup String

    The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created.

    nodeResourceGroupId String

    The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster.

    oidcIssuerEnabled Boolean

    Enable or Disable the OIDC issuer URL

    oidcIssuerUrl String

    The OIDC issuer URL that is associated with the cluster.

    omsAgent Property Map

    A oms_agent block as defined below.

    openServiceMeshEnabled Boolean

    Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS.

    portalFqdn String

    The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    privateClusterEnabled Boolean

    Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created.

    privateClusterPublicFqdnEnabled Boolean

    Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false.

    privateDnsZoneId String

    Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise, the cluster will have issues after provisioning. Changing this forces a new resource to be created.

    privateFqdn String

    The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster.

    publicNetworkAccessEnabled Boolean

    Whether public network access is allowed for this Kubernetes Cluster. Defaults to true. Changing this forces a new resource to be created.

    resourceGroupName String

    Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created.

    roleBasedAccessControlEnabled Boolean

    Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created.

    runCommandEnabled Boolean

    Whether to enable run command for the cluster or not. Defaults to true.

    serviceMeshProfile Property Map

    A service_mesh_profile block as defined below.

    servicePrincipal Property Map

    A service_principal block as documented below. One of either identity or service_principal must be specified.

    skuTier String

    The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free, and Standard (which includes the Uptime SLA). Defaults to Free.

    storageProfile Property Map

    A storage_profile block as defined below.

    tags Map<String>

    A mapping of tags to assign to the resource.

    webAppRouting Property Map

    A web_app_routing block as defined below.

    windowsProfile Property Map

    A windows_profile block as defined below.

    workloadAutoscalerProfile Property Map

    A workload_autoscaler_profile block defined below.

    workloadIdentityEnabled Boolean

    Specifies whether Azure AD Workload Identity should be enabled for the Cluster. Defaults to false.

    Supporting Types

    KubernetesClusterAciConnectorLinux

    SubnetName string

    The subnet name for the virtual nodes to run.

    ConnectorIdentities List<KubernetesClusterAciConnectorLinuxConnectorIdentity>

    A connector_identity block is exported. The exported attributes are defined below.

    SubnetName string

    The subnet name for the virtual nodes to run.

    ConnectorIdentities []KubernetesClusterAciConnectorLinuxConnectorIdentity

    A connector_identity block is exported. The exported attributes are defined below.

    subnetName String

    The subnet name for the virtual nodes to run.

    connectorIdentities List<KubernetesClusterAciConnectorLinuxConnectorIdentity>

    A connector_identity block is exported. The exported attributes are defined below.

    subnetName string

    The subnet name for the virtual nodes to run.

    connectorIdentities KubernetesClusterAciConnectorLinuxConnectorIdentity[]

    A connector_identity block is exported. The exported attributes are defined below.

    subnet_name str

    The subnet name for the virtual nodes to run.

    connector_identities Sequence[KubernetesClusterAciConnectorLinuxConnectorIdentity]

    A connector_identity block is exported. The exported attributes are defined below.

    subnetName String

    The subnet name for the virtual nodes to run.

    connectorIdentities List<Property Map>

    A connector_identity block is exported. The exported attributes are defined below.

    KubernetesClusterAciConnectorLinuxConnectorIdentity

    ClientId string

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    ObjectId string

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    UserAssignedIdentityId string

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    ClientId string

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    ObjectId string

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    UserAssignedIdentityId string

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    clientId String

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    objectId String

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    userAssignedIdentityId String

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    clientId string

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    objectId string

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    userAssignedIdentityId string

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    client_id str

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    object_id str

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    user_assigned_identity_id str

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    clientId String

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    objectId String

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    userAssignedIdentityId String

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    KubernetesClusterApiServerAccessProfile

    AuthorizedIpRanges List<string>

    Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].

    SubnetId string

    The ID of the Subnet where the API server endpoint is delegated to.

    VnetIntegrationEnabled bool

    Should API Server VNet Integration be enabled? For more details please visit Use API Server VNet Integration.

    AuthorizedIpRanges []string

    Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].

    SubnetId string

    The ID of the Subnet where the API server endpoint is delegated to.

    VnetIntegrationEnabled bool

    Should API Server VNet Integration be enabled? For more details please visit Use API Server VNet Integration.

    authorizedIpRanges List<String>

    Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].

    subnetId String

    The ID of the Subnet where the API server endpoint is delegated to.

    vnetIntegrationEnabled Boolean

    Should API Server VNet Integration be enabled? For more details please visit Use API Server VNet Integration.

    authorizedIpRanges string[]

    Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].

    subnetId string

    The ID of the Subnet where the API server endpoint is delegated to.

    vnetIntegrationEnabled boolean

    Should API Server VNet Integration be enabled? For more details please visit Use API Server VNet Integration.

    authorized_ip_ranges Sequence[str]

    Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].

    subnet_id str

    The ID of the Subnet where the API server endpoint is delegated to.

    vnet_integration_enabled bool

    Should API Server VNet Integration be enabled? For more details please visit Use API Server VNet Integration.

    authorizedIpRanges List<String>

    Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].

    subnetId String

    The ID of the Subnet where the API server endpoint is delegated to.

    vnetIntegrationEnabled Boolean

    Should API Server VNet Integration be enabled? For more details please visit Use API Server VNet Integration.

    KubernetesClusterAutoScalerProfile

    BalanceSimilarNodeGroups bool

    Detect similar node groups and balance the number of nodes between them. Defaults to false.

    EmptyBulkDeleteMax string

    Maximum number of empty nodes that can be deleted at the same time. Defaults to 10.

    Expander string

    Expander to use. Possible values are least-waste, priority, most-pods and random. Defaults to random.

    MaxGracefulTerminationSec string

    Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to 600.

    MaxNodeProvisioningTime string

    Maximum time the autoscaler waits for a node to be provisioned. Defaults to 15m.

    MaxUnreadyNodes int

    Maximum Number of allowed unready nodes. Defaults to 3.

    MaxUnreadyPercentage double

    Maximum percentage of unready nodes the cluster autoscaler will stop if the percentage is exceeded. Defaults to 45.

    NewPodScaleUpDelay string

    For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to 10s.

    ScaleDownDelayAfterAdd string

    How long after the scale up of AKS nodes the scale down evaluation resumes. Defaults to 10m.

    ScaleDownDelayAfterDelete string

    How long after node deletion that scale down evaluation resumes. Defaults to the value used for scan_interval.

    ScaleDownDelayAfterFailure string

    How long after scale down failure that scale down evaluation resumes. Defaults to 3m.

    ScaleDownUnneeded string

    How long a node should be unneeded before it is eligible for scale down. Defaults to 10m.

    ScaleDownUnready string

    How long an unready node should be unneeded before it is eligible for scale down. Defaults to 20m.

    ScaleDownUtilizationThreshold string

    Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. Defaults to 0.5.

    ScanInterval string

    How often the AKS Cluster should be re-evaluated for scale up/down. Defaults to 10s.

    SkipNodesWithLocalStorage bool

    If true cluster autoscaler will never delete nodes with pods with local storage, for example, EmptyDir or HostPath. Defaults to true.

    SkipNodesWithSystemPods bool

    If true cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). Defaults to true.

    BalanceSimilarNodeGroups bool

    Detect similar node groups and balance the number of nodes between them. Defaults to false.

    EmptyBulkDeleteMax string

    Maximum number of empty nodes that can be deleted at the same time. Defaults to 10.

    Expander string

    Expander to use. Possible values are least-waste, priority, most-pods and random. Defaults to random.

    MaxGracefulTerminationSec string

    Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to 600.

    MaxNodeProvisioningTime string

    Maximum time the autoscaler waits for a node to be provisioned. Defaults to 15m.

    MaxUnreadyNodes int

    Maximum Number of allowed unready nodes. Defaults to 3.

    MaxUnreadyPercentage float64

    Maximum percentage of unready nodes the cluster autoscaler will stop if the percentage is exceeded. Defaults to 45.

    NewPodScaleUpDelay string

    For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to 10s.

    ScaleDownDelayAfterAdd string

    How long after the scale up of AKS nodes the scale down evaluation resumes. Defaults to 10m.

    ScaleDownDelayAfterDelete string

    How long after node deletion that scale down evaluation resumes. Defaults to the value used for scan_interval.

    ScaleDownDelayAfterFailure string

    How long after scale down failure that scale down evaluation resumes. Defaults to 3m.

    ScaleDownUnneeded string

    How long a node should be unneeded before it is eligible for scale down. Defaults to 10m.

    ScaleDownUnready string

    How long an unready node should be unneeded before it is eligible for scale down. Defaults to 20m.

    ScaleDownUtilizationThreshold string

    Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. Defaults to 0.5.

    ScanInterval string

    How often the AKS Cluster should be re-evaluated for scale up/down. Defaults to 10s.

    SkipNodesWithLocalStorage bool

    If true cluster autoscaler will never delete nodes with pods with local storage, for example, EmptyDir or HostPath. Defaults to true.

    SkipNodesWithSystemPods bool

    If true cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). Defaults to true.

    balanceSimilarNodeGroups Boolean

    Detect similar node groups and balance the number of nodes between them. Defaults to false.

    emptyBulkDeleteMax String

    Maximum number of empty nodes that can be deleted at the same time. Defaults to 10.

    expander String

    Expander to use. Possible values are least-waste, priority, most-pods and random. Defaults to random.

    maxGracefulTerminationSec String

    Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to 600.

    maxNodeProvisioningTime String

    Maximum time the autoscaler waits for a node to be provisioned. Defaults to 15m.

    maxUnreadyNodes Integer

    Maximum Number of allowed unready nodes. Defaults to 3.

    maxUnreadyPercentage Double

    Maximum percentage of unready nodes the cluster autoscaler will stop if the percentage is exceeded. Defaults to 45.

    newPodScaleUpDelay String

    For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to 10s.

    scaleDownDelayAfterAdd String

    How long after the scale up of AKS nodes the scale down evaluation resumes. Defaults to 10m.

    scaleDownDelayAfterDelete String

    How long after node deletion that scale down evaluation resumes. Defaults to the value used for scan_interval.

    scaleDownDelayAfterFailure String

    How long after scale down failure that scale down evaluation resumes. Defaults to 3m.

    scaleDownUnneeded String

    How long a node should be unneeded before it is eligible for scale down. Defaults to 10m.

    scaleDownUnready String

    How long an unready node should be unneeded before it is eligible for scale down. Defaults to 20m.

    scaleDownUtilizationThreshold String

    Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. Defaults to 0.5.

    scanInterval String

    How often the AKS Cluster should be re-evaluated for scale up/down. Defaults to 10s.

    skipNodesWithLocalStorage Boolean

    If true cluster autoscaler will never delete nodes with pods with local storage, for example, EmptyDir or HostPath. Defaults to true.

    skipNodesWithSystemPods Boolean

    If true cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). Defaults to true.

    balanceSimilarNodeGroups boolean

    Detect similar node groups and balance the number of nodes between them. Defaults to false.

    emptyBulkDeleteMax string

    Maximum number of empty nodes that can be deleted at the same time. Defaults to 10.

    expander string

    Expander to use. Possible values are least-waste, priority, most-pods and random. Defaults to random.

    maxGracefulTerminationSec string

    Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to 600.

    maxNodeProvisioningTime string

    Maximum time the autoscaler waits for a node to be provisioned. Defaults to 15m.

    maxUnreadyNodes number

    Maximum Number of allowed unready nodes. Defaults to 3.

    maxUnreadyPercentage number

    Maximum percentage of unready nodes the cluster autoscaler will stop if the percentage is exceeded. Defaults to 45.

    newPodScaleUpDelay string

    For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to 10s.

    scaleDownDelayAfterAdd string

    How long after the scale up of AKS nodes the scale down evaluation resumes. Defaults to 10m.

    scaleDownDelayAfterDelete string

    How long after node deletion that scale down evaluation resumes. Defaults to the value used for scan_interval.

    scaleDownDelayAfterFailure string

    How long after scale down failure that scale down evaluation resumes. Defaults to 3m.

    scaleDownUnneeded string

    How long a node should be unneeded before it is eligible for scale down. Defaults to 10m.

    scaleDownUnready string

    How long an unready node should be unneeded before it is eligible for scale down. Defaults to 20m.

    scaleDownUtilizationThreshold string

    Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. Defaults to 0.5.

    scanInterval string

    How often the AKS Cluster should be re-evaluated for scale up/down. Defaults to 10s.

    skipNodesWithLocalStorage boolean

    If true cluster autoscaler will never delete nodes with pods with local storage, for example, EmptyDir or HostPath. Defaults to true.

    skipNodesWithSystemPods boolean

    If true cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). Defaults to true.

    balance_similar_node_groups bool

    Detect similar node groups and balance the number of nodes between them. Defaults to false.

    empty_bulk_delete_max str

    Maximum number of empty nodes that can be deleted at the same time. Defaults to 10.

    expander str

    Expander to use. Possible values are least-waste, priority, most-pods and random. Defaults to random.

    max_graceful_termination_sec str

    Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to 600.

    max_node_provisioning_time str

    Maximum time the autoscaler waits for a node to be provisioned. Defaults to 15m.

    max_unready_nodes int

    Maximum Number of allowed unready nodes. Defaults to 3.

    max_unready_percentage float

    Maximum percentage of unready nodes the cluster autoscaler will stop if the percentage is exceeded. Defaults to 45.

    new_pod_scale_up_delay str

    For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to 10s.

    scale_down_delay_after_add str

    How long after the scale up of AKS nodes the scale down evaluation resumes. Defaults to 10m.

    scale_down_delay_after_delete str

    How long after node deletion that scale down evaluation resumes. Defaults to the value used for scan_interval.

    scale_down_delay_after_failure str

    How long after scale down failure that scale down evaluation resumes. Defaults to 3m.

    scale_down_unneeded str

    How long a node should be unneeded before it is eligible for scale down. Defaults to 10m.

    scale_down_unready str

    How long an unready node should be unneeded before it is eligible for scale down. Defaults to 20m.

    scale_down_utilization_threshold str

    Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. Defaults to 0.5.

    scan_interval str

    How often the AKS Cluster should be re-evaluated for scale up/down. Defaults to 10s.

    skip_nodes_with_local_storage bool

    If true cluster autoscaler will never delete nodes with pods with local storage, for example, EmptyDir or HostPath. Defaults to true.

    skip_nodes_with_system_pods bool

    If true cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). Defaults to true.

    balanceSimilarNodeGroups Boolean

    Detect similar node groups and balance the number of nodes between them. Defaults to false.

    emptyBulkDeleteMax String

    Maximum number of empty nodes that can be deleted at the same time. Defaults to 10.

    expander String

    Expander to use. Possible values are least-waste, priority, most-pods and random. Defaults to random.

    maxGracefulTerminationSec String

    Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to 600.

    maxNodeProvisioningTime String

    Maximum time the autoscaler waits for a node to be provisioned. Defaults to 15m.

    maxUnreadyNodes Number

    Maximum Number of allowed unready nodes. Defaults to 3.

    maxUnreadyPercentage Number

    Maximum percentage of unready nodes the cluster autoscaler will stop if the percentage is exceeded. Defaults to 45.

    newPodScaleUpDelay String

    For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to 10s.

    scaleDownDelayAfterAdd String

    How long after the scale up of AKS nodes the scale down evaluation resumes. Defaults to 10m.

    scaleDownDelayAfterDelete String

    How long after node deletion that scale down evaluation resumes. Defaults to the value used for scan_interval.

    scaleDownDelayAfterFailure String

    How long after scale down failure that scale down evaluation resumes. Defaults to 3m.

    scaleDownUnneeded String

    How long a node should be unneeded before it is eligible for scale down. Defaults to 10m.

    scaleDownUnready String

    How long an unready node should be unneeded before it is eligible for scale down. Defaults to 20m.

    scaleDownUtilizationThreshold String

    Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. Defaults to 0.5.

    scanInterval String

    How often the AKS Cluster should be re-evaluated for scale up/down. Defaults to 10s.

    skipNodesWithLocalStorage Boolean

    If true cluster autoscaler will never delete nodes with pods with local storage, for example, EmptyDir or HostPath. Defaults to true.

    skipNodesWithSystemPods Boolean

    If true cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). Defaults to true.

    KubernetesClusterAzureActiveDirectoryRoleBasedAccessControl

    AdminGroupObjectIds List<string>

    A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.

    AzureRbacEnabled bool

    Is Role Based Access Control based on Azure AD enabled?

    ClientAppId string

    The Client ID of an Azure Active Directory Application.

    Managed bool

    Is the Azure Active Directory integration Managed, meaning that Azure will create/manage the Service Principal used for integration.

    ServerAppId string

    The Server ID of an Azure Active Directory Application.

    ServerAppSecret string

    The Server Secret of an Azure Active Directory Application.

    TenantId string

    The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.

    AdminGroupObjectIds []string

    A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.

    AzureRbacEnabled bool

    Is Role Based Access Control based on Azure AD enabled?

    ClientAppId string

    The Client ID of an Azure Active Directory Application.

    Managed bool

    Is the Azure Active Directory integration Managed, meaning that Azure will create/manage the Service Principal used for integration.

    ServerAppId string

    The Server ID of an Azure Active Directory Application.

    ServerAppSecret string

    The Server Secret of an Azure Active Directory Application.

    TenantId string

    The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.

    adminGroupObjectIds List<String>

    A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.

    azureRbacEnabled Boolean

    Is Role Based Access Control based on Azure AD enabled?

    clientAppId String

    The Client ID of an Azure Active Directory Application.

    managed Boolean

    Is the Azure Active Directory integration Managed, meaning that Azure will create/manage the Service Principal used for integration.

    serverAppId String

    The Server ID of an Azure Active Directory Application.

    serverAppSecret String

    The Server Secret of an Azure Active Directory Application.

    tenantId String

    The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.

    adminGroupObjectIds string[]

    A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.

    azureRbacEnabled boolean

    Is Role Based Access Control based on Azure AD enabled?

    clientAppId string

    The Client ID of an Azure Active Directory Application.

    managed boolean

    Is the Azure Active Directory integration Managed, meaning that Azure will create/manage the Service Principal used for integration.

    serverAppId string

    The Server ID of an Azure Active Directory Application.

    serverAppSecret string

    The Server Secret of an Azure Active Directory Application.

    tenantId string

    The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.

    admin_group_object_ids Sequence[str]

    A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.

    azure_rbac_enabled bool

    Is Role Based Access Control based on Azure AD enabled?

    client_app_id str

    The Client ID of an Azure Active Directory Application.

    managed bool

    Is the Azure Active Directory integration Managed, meaning that Azure will create/manage the Service Principal used for integration.

    server_app_id str

    The Server ID of an Azure Active Directory Application.

    server_app_secret str

    The Server Secret of an Azure Active Directory Application.

    tenant_id str

    The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.

    adminGroupObjectIds List<String>

    A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.

    azureRbacEnabled Boolean

    Is Role Based Access Control based on Azure AD enabled?

    clientAppId String

    The Client ID of an Azure Active Directory Application.

    managed Boolean

    Is the Azure Active Directory integration Managed, meaning that Azure will create/manage the Service Principal used for integration.

    serverAppId String

    The Server ID of an Azure Active Directory Application.

    serverAppSecret String

    The Server Secret of an Azure Active Directory Application.

    tenantId String

    The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.

    KubernetesClusterConfidentialComputing

    SgxQuoteHelperEnabled bool

    Should the SGX quote helper be enabled?

    SgxQuoteHelperEnabled bool

    Should the SGX quote helper be enabled?

    sgxQuoteHelperEnabled Boolean

    Should the SGX quote helper be enabled?

    sgxQuoteHelperEnabled boolean

    Should the SGX quote helper be enabled?

    sgx_quote_helper_enabled bool

    Should the SGX quote helper be enabled?

    sgxQuoteHelperEnabled Boolean

    Should the SGX quote helper be enabled?

    KubernetesClusterDefaultNodePool

    Name string

    The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created.

    VmSize string

    The size of the Virtual Machine, such as Standard_DS2_v2.

    CapacityReservationGroupId string

    Specifies the ID of the Capacity Reservation Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.

    CustomCaTrustEnabled bool

    Specifies whether to trust a Custom CA.

    EnableAutoScaling bool

    Should the Kubernetes Auto Scaler be enabled for this Node Pool?

    EnableHostEncryption bool

    Should the nodes in the Default Node Pool have host encryption enabled? Changing this forces a new resource to be created.

    EnableNodePublicIp bool

    Should nodes in this Node Pool have a Public IP Address? Changing this forces a new resource to be created.

    FipsEnabled bool

    Should the nodes in this Node Pool have Federal Information Processing Standard enabled? Changing this forces a new resource to be created.

    HostGroupId string

    Specifies the ID of the Host Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.

    KubeletConfig KubernetesClusterDefaultNodePoolKubeletConfig

    A kubelet_config block as defined below. Changing this forces a new resource to be created.

    KubeletDiskType string

    The type of disk used by kubelet. Possible values are OS and Temporary.

    LinuxOsConfig KubernetesClusterDefaultNodePoolLinuxOsConfig

    A linux_os_config block as defined below. Changing this forces a new resource to be created.

    MaxCount int

    The maximum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000.

    MaxPods int

    The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.

    MessageOfTheDay string

    A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It cannot be specified for Windows nodes and must be a static string (i.e. will be printed raw and not executed as a script). Changing this forces a new resource to be created.

    MinCount int

    The minimum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000.

    NodeCount int

    The initial number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000 and between min_count and max_count.

    NodeLabels Dictionary<string, string>

    A map of Kubernetes labels which should be applied to nodes in the Default Node Pool.

    NodeNetworkProfile KubernetesClusterDefaultNodePoolNodeNetworkProfile

    A node_network_profile block as documented below.

    NodePublicIpPrefixId string

    Resource ID for the Public IP Addresses Prefix for the nodes in this Node Pool. enable_node_public_ip should be true. Changing this forces a new resource to be created.

    NodeTaints List<string>

    A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.

    OnlyCriticalAddonsEnabled bool

    Enabling this option will taint default node pool with CriticalAddonsOnly=true:NoSchedule taint. Changing this forces a new resource to be created.

    OrchestratorVersion string

    Version of Kubernetes used for the Agents. If not specified, the default node pool will be created with the version specified by kubernetes_version. If both are unspecified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    OsDiskSizeGb int

    The size of the OS Disk which should be used for each agent in the Node Pool. Changing this forces a new resource to be created.

    OsDiskType string

    The type of disk which should be used for the Operating System. Possible values are Ephemeral and Managed. Defaults to Managed. Changing this forces a new resource to be created.

    OsSku string

    Specifies the OS SKU used by the agent pool. Possible values include: Ubuntu, CBLMariner, Mariner, Windows2019, Windows2022. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated. Changing this forces a new resource to be created.

    PodSubnetId string

    The ID of the Subnet where the pods in the default Node Pool should exist. Changing this forces a new resource to be created.

    ProximityPlacementGroupId string

    The ID of the Proximity Placement Group. Changing this forces a new resource to be created.

    ScaleDownMode string

    Specifies the autoscaling behaviour of the Kubernetes Cluster. Allowed values are Delete and Deallocate. Defaults to Delete.

    Tags Dictionary<string, string>

    A mapping of tags to assign to the Node Pool.

    TemporaryNameForRotation string

    Specifies the name of the temporary node pool used to cycle the default node pool for VM resizing.

    Type string

    The type of Node Pool which should be created. Possible values are AvailabilitySet and VirtualMachineScaleSets. Defaults to VirtualMachineScaleSets. Changing this forces a new resource to be created.

    UltraSsdEnabled bool

    Used to specify whether the UltraSSD is enabled in the Default Node Pool. Defaults to false. See the documentation for more information. Changing this forces a new resource to be created.

    UpgradeSettings KubernetesClusterDefaultNodePoolUpgradeSettings

    A upgrade_settings block as documented below.

    VnetSubnetId string

    The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.

    WorkloadRuntime string

    Specifies the workload runtime used by the node pool. Possible values are OCIContainer and KataMshvVmIsolation.

    Zones List<string>

    Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.

    Name string

    The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created.

    VmSize string

    The size of the Virtual Machine, such as Standard_DS2_v2.

    CapacityReservationGroupId string

    Specifies the ID of the Capacity Reservation Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.

    CustomCaTrustEnabled bool

    Specifies whether to trust a Custom CA.

    EnableAutoScaling bool

    Should the Kubernetes Auto Scaler be enabled for this Node Pool?

    EnableHostEncryption bool

    Should the nodes in the Default Node Pool have host encryption enabled? Changing this forces a new resource to be created.

    EnableNodePublicIp bool

    Should nodes in this Node Pool have a Public IP Address? Changing this forces a new resource to be created.

    FipsEnabled bool

    Should the nodes in this Node Pool have Federal Information Processing Standard enabled? Changing this forces a new resource to be created.

    HostGroupId string

    Specifies the ID of the Host Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.

    KubeletConfig KubernetesClusterDefaultNodePoolKubeletConfig

    A kubelet_config block as defined below. Changing this forces a new resource to be created.

    KubeletDiskType string

    The type of disk used by kubelet. Possible values are OS and Temporary.

    LinuxOsConfig KubernetesClusterDefaultNodePoolLinuxOsConfig

    A linux_os_config block as defined below. Changing this forces a new resource to be created.

    MaxCount int

    The maximum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000.

    MaxPods int

    The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.

    MessageOfTheDay string

    A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It cannot be specified for Windows nodes and must be a static string (i.e. will be printed raw and not executed as a script). Changing this forces a new resource to be created.

    MinCount int

    The minimum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000.

    NodeCount int

    The initial number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000 and between min_count and max_count.

    NodeLabels map[string]string

    A map of Kubernetes labels which should be applied to nodes in the Default Node Pool.

    NodeNetworkProfile KubernetesClusterDefaultNodePoolNodeNetworkProfile

    A node_network_profile block as documented below.

    NodePublicIpPrefixId string

    Resource ID for the Public IP Addresses Prefix for the nodes in this Node Pool. enable_node_public_ip should be true. Changing this forces a new resource to be created.

    NodeTaints []string

    A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.

    OnlyCriticalAddonsEnabled bool

    Enabling this option will taint default node pool with CriticalAddonsOnly=true:NoSchedule taint. Changing this forces a new resource to be created.

    OrchestratorVersion string

    Version of Kubernetes used for the Agents. If not specified, the default node pool will be created with the version specified by kubernetes_version. If both are unspecified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    OsDiskSizeGb int

    The size of the OS Disk which should be used for each agent in the Node Pool. Changing this forces a new resource to be created.

    OsDiskType string

    The type of disk which should be used for the Operating System. Possible values are Ephemeral and Managed. Defaults to Managed. Changing this forces a new resource to be created.

    OsSku string

    Specifies the OS SKU used by the agent pool. Possible values include: Ubuntu, CBLMariner, Mariner, Windows2019, Windows2022. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated. Changing this forces a new resource to be created.

    PodSubnetId string

    The ID of the Subnet where the pods in the default Node Pool should exist. Changing this forces a new resource to be created.

    ProximityPlacementGroupId string

    The ID of the Proximity Placement Group. Changing this forces a new resource to be created.

    ScaleDownMode string

    Specifies the autoscaling behaviour of the Kubernetes Cluster. Allowed values are Delete and Deallocate. Defaults to Delete.

    Tags map[string]string

    A mapping of tags to assign to the Node Pool.

    TemporaryNameForRotation string

    Specifies the name of the temporary node pool used to cycle the default node pool for VM resizing.

    Type string

    The type of Node Pool which should be created. Possible values are AvailabilitySet and VirtualMachineScaleSets. Defaults to VirtualMachineScaleSets. Changing this forces a new resource to be created.

    UltraSsdEnabled bool

    Used to specify whether the UltraSSD is enabled in the Default Node Pool. Defaults to false. See the documentation for more information. Changing this forces a new resource to be created.

    UpgradeSettings KubernetesClusterDefaultNodePoolUpgradeSettings

    A upgrade_settings block as documented below.

    VnetSubnetId string

    The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.

    WorkloadRuntime string

    Specifies the workload runtime used by the node pool. Possible values are OCIContainer and KataMshvVmIsolation.

    Zones []string

    Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.

    name String

    The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created.

    vmSize String

    The size of the Virtual Machine, such as Standard_DS2_v2.

    capacityReservationGroupId String

    Specifies the ID of the Capacity Reservation Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.

    customCaTrustEnabled Boolean

    Specifies whether to trust a Custom CA.

    enableAutoScaling Boolean

    Should the Kubernetes Auto Scaler be enabled for this Node Pool?

    enableHostEncryption Boolean

    Should the nodes in the Default Node Pool have host encryption enabled? Changing this forces a new resource to be created.

    enableNodePublicIp Boolean

    Should nodes in this Node Pool have a Public IP Address? Changing this forces a new resource to be created.

    fipsEnabled Boolean

    Should the nodes in this Node Pool have Federal Information Processing Standard enabled? Changing this forces a new resource to be created.

    hostGroupId String

    Specifies the ID of the Host Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.

    kubeletConfig KubernetesClusterDefaultNodePoolKubeletConfig

    A kubelet_config block as defined below. Changing this forces a new resource to be created.

    kubeletDiskType String

    The type of disk used by kubelet. Possible values are OS and Temporary.

    linuxOsConfig KubernetesClusterDefaultNodePoolLinuxOsConfig

    A linux_os_config block as defined below. Changing this forces a new resource to be created.

    maxCount Integer

    The maximum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000.

    maxPods Integer

    The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.

    messageOfTheDay String

    A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It cannot be specified for Windows nodes and must be a static string (i.e. will be printed raw and not executed as a script). Changing this forces a new resource to be created.

    minCount Integer

    The minimum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000.

    nodeCount Integer

    The initial number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000 and between min_count and max_count.

    nodeLabels Map<String,String>

    A map of Kubernetes labels which should be applied to nodes in the Default Node Pool.

    nodeNetworkProfile KubernetesClusterDefaultNodePoolNodeNetworkProfile

    A node_network_profile block as documented below.

    nodePublicIpPrefixId String

    Resource ID for the Public IP Addresses Prefix for the nodes in this Node Pool. enable_node_public_ip should be true. Changing this forces a new resource to be created.

    nodeTaints List<String>

    A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.

    onlyCriticalAddonsEnabled Boolean

    Enabling this option will taint default node pool with CriticalAddonsOnly=true:NoSchedule taint. Changing this forces a new resource to be created.

    orchestratorVersion String

    Version of Kubernetes used for the Agents. If not specified, the default node pool will be created with the version specified by kubernetes_version. If both are unspecified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    osDiskSizeGb Integer

    The size of the OS Disk which should be used for each agent in the Node Pool. Changing this forces a new resource to be created.

    osDiskType String

    The type of disk which should be used for the Operating System. Possible values are Ephemeral and Managed. Defaults to Managed. Changing this forces a new resource to be created.

    osSku String

    Specifies the OS SKU used by the agent pool. Possible values include: Ubuntu, CBLMariner, Mariner, Windows2019, Windows2022. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated. Changing this forces a new resource to be created.

    podSubnetId String

    The ID of the Subnet where the pods in the default Node Pool should exist. Changing this forces a new resource to be created.

    proximityPlacementGroupId String

    The ID of the Proximity Placement Group. Changing this forces a new resource to be created.

    scaleDownMode String

    Specifies the autoscaling behaviour of the Kubernetes Cluster. Allowed values are Delete and Deallocate. Defaults to Delete.

    tags Map<String,String>

    A mapping of tags to assign to the Node Pool.

    temporaryNameForRotation String

    Specifies the name of the temporary node pool used to cycle the default node pool for VM resizing.

    type String

    The type of Node Pool which should be created. Possible values are AvailabilitySet and VirtualMachineScaleSets. Defaults to VirtualMachineScaleSets. Changing this forces a new resource to be created.

    ultraSsdEnabled Boolean

    Used to specify whether the UltraSSD is enabled in the Default Node Pool. Defaults to false. See the documentation for more information. Changing this forces a new resource to be created.

    upgradeSettings KubernetesClusterDefaultNodePoolUpgradeSettings

    A upgrade_settings block as documented below.

    vnetSubnetId String

    The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.

    workloadRuntime String

    Specifies the workload runtime used by the node pool. Possible values are OCIContainer and KataMshvVmIsolation.

    zones List<String>

    Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.

    name string

    The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created.

    vmSize string

    The size of the Virtual Machine, such as Standard_DS2_v2.

    capacityReservationGroupId string

    Specifies the ID of the Capacity Reservation Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.

    customCaTrustEnabled boolean

    Specifies whether to trust a Custom CA.

    enableAutoScaling boolean

    Should the Kubernetes Auto Scaler be enabled for this Node Pool?

    enableHostEncryption boolean

    Should the nodes in the Default Node Pool have host encryption enabled? Changing this forces a new resource to be created.

    enableNodePublicIp boolean

    Should nodes in this Node Pool have a Public IP Address? Changing this forces a new resource to be created.

    fipsEnabled boolean

    Should the nodes in this Node Pool have Federal Information Processing Standard enabled? Changing this forces a new resource to be created.

    hostGroupId string

    Specifies the ID of the Host Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.

    kubeletConfig KubernetesClusterDefaultNodePoolKubeletConfig

    A kubelet_config block as defined below. Changing this forces a new resource to be created.

    kubeletDiskType string

    The type of disk used by kubelet. Possible values are OS and Temporary.

    linuxOsConfig KubernetesClusterDefaultNodePoolLinuxOsConfig

    A linux_os_config block as defined below. Changing this forces a new resource to be created.

    maxCount number

    The maximum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000.

    maxPods number

    The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.

    messageOfTheDay string

    A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It cannot be specified for Windows nodes and must be a static string (i.e. will be printed raw and not executed as a script). Changing this forces a new resource to be created.

    minCount number

    The minimum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000.

    nodeCount number

    The initial number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000 and between min_count and max_count.

    nodeLabels {[key: string]: string}

    A map of Kubernetes labels which should be applied to nodes in the Default Node Pool.

    nodeNetworkProfile KubernetesClusterDefaultNodePoolNodeNetworkProfile

    A node_network_profile block as documented below.

    nodePublicIpPrefixId string

    Resource ID for the Public IP Addresses Prefix for the nodes in this Node Pool. enable_node_public_ip should be true. Changing this forces a new resource to be created.

    nodeTaints string[]

    A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.

    onlyCriticalAddonsEnabled boolean

    Enabling this option will taint default node pool with CriticalAddonsOnly=true:NoSchedule taint. Changing this forces a new resource to be created.

    orchestratorVersion string

    Version of Kubernetes used for the Agents. If not specified, the default node pool will be created with the version specified by kubernetes_version. If both are unspecified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    osDiskSizeGb number

    The size of the OS Disk which should be used for each agent in the Node Pool. Changing this forces a new resource to be created.

    osDiskType string

    The type of disk which should be used for the Operating System. Possible values are Ephemeral and Managed. Defaults to Managed. Changing this forces a new resource to be created.

    osSku string

    Specifies the OS SKU used by the agent pool. Possible values include: Ubuntu, CBLMariner, Mariner, Windows2019, Windows2022. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated. Changing this forces a new resource to be created.

    podSubnetId string

    The ID of the Subnet where the pods in the default Node Pool should exist. Changing this forces a new resource to be created.

    proximityPlacementGroupId string

    The ID of the Proximity Placement Group. Changing this forces a new resource to be created.

    scaleDownMode string

    Specifies the autoscaling behaviour of the Kubernetes Cluster. Allowed values are Delete and Deallocate. Defaults to Delete.

    tags {[key: string]: string}

    A mapping of tags to assign to the Node Pool.

    temporaryNameForRotation string

    Specifies the name of the temporary node pool used to cycle the default node pool for VM resizing.

    type string

    The type of Node Pool which should be created. Possible values are AvailabilitySet and VirtualMachineScaleSets. Defaults to VirtualMachineScaleSets. Changing this forces a new resource to be created.

    ultraSsdEnabled boolean

    Used to specify whether the UltraSSD is enabled in the Default Node Pool. Defaults to false. See the documentation for more information. Changing this forces a new resource to be created.

    upgradeSettings KubernetesClusterDefaultNodePoolUpgradeSettings

    A upgrade_settings block as documented below.

    vnetSubnetId string

    The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.

    workloadRuntime string

    Specifies the workload runtime used by the node pool. Possible values are OCIContainer and KataMshvVmIsolation.

    zones string[]

    Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.

    name str

    The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created.

    vm_size str

    The size of the Virtual Machine, such as Standard_DS2_v2.

    capacity_reservation_group_id str

    Specifies the ID of the Capacity Reservation Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.

    custom_ca_trust_enabled bool

    Specifies whether to trust a Custom CA.

    enable_auto_scaling bool

    Should the Kubernetes Auto Scaler be enabled for this Node Pool?

    enable_host_encryption bool

    Should the nodes in the Default Node Pool have host encryption enabled? Changing this forces a new resource to be created.

    enable_node_public_ip bool

    Should nodes in this Node Pool have a Public IP Address? Changing this forces a new resource to be created.

    fips_enabled bool

    Should the nodes in this Node Pool have Federal Information Processing Standard enabled? Changing this forces a new resource to be created.

    host_group_id str

    Specifies the ID of the Host Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.

    kubelet_config KubernetesClusterDefaultNodePoolKubeletConfig

    A kubelet_config block as defined below. Changing this forces a new resource to be created.

    kubelet_disk_type str

    The type of disk used by kubelet. Possible values are OS and Temporary.

    linux_os_config KubernetesClusterDefaultNodePoolLinuxOsConfig

    A linux_os_config block as defined below. Changing this forces a new resource to be created.

    max_count int

    The maximum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000.

    max_pods int

    The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.

    message_of_the_day str

    A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It cannot be specified for Windows nodes and must be a static string (i.e. will be printed raw and not executed as a script). Changing this forces a new resource to be created.

    min_count int

    The minimum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000.

    node_count int

    The initial number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000 and between min_count and max_count.

    node_labels Mapping[str, str]

    A map of Kubernetes labels which should be applied to nodes in the Default Node Pool.

    node_network_profile KubernetesClusterDefaultNodePoolNodeNetworkProfile

    A node_network_profile block as documented below.

    node_public_ip_prefix_id str

    Resource ID for the Public IP Addresses Prefix for the nodes in this Node Pool. enable_node_public_ip should be true. Changing this forces a new resource to be created.

    node_taints Sequence[str]

    A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.

    only_critical_addons_enabled bool

    Enabling this option will taint default node pool with CriticalAddonsOnly=true:NoSchedule taint. Changing this forces a new resource to be created.

    orchestrator_version str

    Version of Kubernetes used for the Agents. If not specified, the default node pool will be created with the version specified by kubernetes_version. If both are unspecified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    os_disk_size_gb int

    The size of the OS Disk which should be used for each agent in the Node Pool. Changing this forces a new resource to be created.

    os_disk_type str

    The type of disk which should be used for the Operating System. Possible values are Ephemeral and Managed. Defaults to Managed. Changing this forces a new resource to be created.

    os_sku str

    Specifies the OS SKU used by the agent pool. Possible values include: Ubuntu, CBLMariner, Mariner, Windows2019, Windows2022. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated. Changing this forces a new resource to be created.

    pod_subnet_id str

    The ID of the Subnet where the pods in the default Node Pool should exist. Changing this forces a new resource to be created.

    proximity_placement_group_id str

    The ID of the Proximity Placement Group. Changing this forces a new resource to be created.

    scale_down_mode str

    Specifies the autoscaling behaviour of the Kubernetes Cluster. Allowed values are Delete and Deallocate. Defaults to Delete.

    tags Mapping[str, str]

    A mapping of tags to assign to the Node Pool.

    temporary_name_for_rotation str

    Specifies the name of the temporary node pool used to cycle the default node pool for VM resizing.

    type str

    The type of Node Pool which should be created. Possible values are AvailabilitySet and VirtualMachineScaleSets. Defaults to VirtualMachineScaleSets. Changing this forces a new resource to be created.

    ultra_ssd_enabled bool

    Used to specify whether the UltraSSD is enabled in the Default Node Pool. Defaults to false. See the documentation for more information. Changing this forces a new resource to be created.

    upgrade_settings KubernetesClusterDefaultNodePoolUpgradeSettings

    A upgrade_settings block as documented below.

    vnet_subnet_id str

    The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.

    workload_runtime str

    Specifies the workload runtime used by the node pool. Possible values are OCIContainer and KataMshvVmIsolation.

    zones Sequence[str]

    Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.

    name String

    The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created.

    vmSize String

    The size of the Virtual Machine, such as Standard_DS2_v2.

    capacityReservationGroupId String

    Specifies the ID of the Capacity Reservation Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.

    customCaTrustEnabled Boolean

    Specifies whether to trust a Custom CA.

    enableAutoScaling Boolean

    Should the Kubernetes Auto Scaler be enabled for this Node Pool?

    enableHostEncryption Boolean

    Should the nodes in the Default Node Pool have host encryption enabled? Changing this forces a new resource to be created.

    enableNodePublicIp Boolean

    Should nodes in this Node Pool have a Public IP Address? Changing this forces a new resource to be created.

    fipsEnabled Boolean

    Should the nodes in this Node Pool have Federal Information Processing Standard enabled? Changing this forces a new resource to be created.

    hostGroupId String

    Specifies the ID of the Host Group within which this AKS Cluster should be created. Changing this forces a new resource to be created.

    kubeletConfig Property Map

    A kubelet_config block as defined below. Changing this forces a new resource to be created.

    kubeletDiskType String

    The type of disk used by kubelet. Possible values are OS and Temporary.

    linuxOsConfig Property Map

    A linux_os_config block as defined below. Changing this forces a new resource to be created.

    maxCount Number

    The maximum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000.

    maxPods Number

    The maximum number of pods that can run on each agent. Changing this forces a new resource to be created.

    messageOfTheDay String

    A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It cannot be specified for Windows nodes and must be a static string (i.e. will be printed raw and not executed as a script). Changing this forces a new resource to be created.

    minCount Number

    The minimum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000.

    nodeCount Number

    The initial number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000 and between min_count and max_count.

    nodeLabels Map<String>

    A map of Kubernetes labels which should be applied to nodes in the Default Node Pool.

    nodeNetworkProfile Property Map

    A node_network_profile block as documented below.

    nodePublicIpPrefixId String

    Resource ID for the Public IP Addresses Prefix for the nodes in this Node Pool. enable_node_public_ip should be true. Changing this forces a new resource to be created.

    nodeTaints List<String>

    A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.

    onlyCriticalAddonsEnabled Boolean

    Enabling this option will taint default node pool with CriticalAddonsOnly=true:NoSchedule taint. Changing this forces a new resource to be created.

    orchestratorVersion String

    Version of Kubernetes used for the Agents. If not specified, the default node pool will be created with the version specified by kubernetes_version. If both are unspecified, the latest recommended version will be used at provisioning time (but won't auto-upgrade). AKS does not require an exact patch version to be specified, minor version aliases such as 1.22 are also supported. - The minor version's latest GA patch is automatically chosen in that case. More details can be found in the documentation.

    osDiskSizeGb Number

    The size of the OS Disk which should be used for each agent in the Node Pool. Changing this forces a new resource to be created.

    osDiskType String

    The type of disk which should be used for the Operating System. Possible values are Ephemeral and Managed. Defaults to Managed. Changing this forces a new resource to be created.

    osSku String

    Specifies the OS SKU used by the agent pool. Possible values include: Ubuntu, CBLMariner, Mariner, Windows2019, Windows2022. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated. Changing this forces a new resource to be created.

    podSubnetId String

    The ID of the Subnet where the pods in the default Node Pool should exist. Changing this forces a new resource to be created.

    proximityPlacementGroupId String

    The ID of the Proximity Placement Group. Changing this forces a new resource to be created.

    scaleDownMode String

    Specifies the autoscaling behaviour of the Kubernetes Cluster. Allowed values are Delete and Deallocate. Defaults to Delete.

    tags Map<String>

    A mapping of tags to assign to the Node Pool.

    temporaryNameForRotation String

    Specifies the name of the temporary node pool used to cycle the default node pool for VM resizing.

    type String

    The type of Node Pool which should be created. Possible values are AvailabilitySet and VirtualMachineScaleSets. Defaults to VirtualMachineScaleSets. Changing this forces a new resource to be created.

    ultraSsdEnabled Boolean

    Used to specify whether the UltraSSD is enabled in the Default Node Pool. Defaults to false. See the documentation for more information. Changing this forces a new resource to be created.

    upgradeSettings Property Map

    A upgrade_settings block as documented below.

    vnetSubnetId String

    The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created.

    workloadRuntime String

    Specifies the workload runtime used by the node pool. Possible values are OCIContainer and KataMshvVmIsolation.

    zones List<String>

    Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.

    KubernetesClusterDefaultNodePoolKubeletConfig

    AllowedUnsafeSysctls List<string>

    Specifies the allow list of unsafe sysctls command or patterns (ending in *). Changing this forces a new resource to be created.

    ContainerLogMaxLine int

    Specifies the maximum number of container log files that can be present for a container. must be at least 2. Changing this forces a new resource to be created.

    ContainerLogMaxSizeMb int

    Specifies the maximum size (e.g. 10MB) of container log file before it is rotated. Changing this forces a new resource to be created.

    CpuCfsQuotaEnabled bool

    Is CPU CFS quota enforcement for containers enabled? Changing this forces a new resource to be created.

    CpuCfsQuotaPeriod string

    Specifies the CPU CFS quota period value. Changing this forces a new resource to be created.

    CpuManagerPolicy string

    Specifies the CPU Manager policy to use. Possible values are none and static, Changing this forces a new resource to be created.

    ImageGcHighThreshold int

    Specifies the percent of disk usage above which image garbage collection is always run. Must be between 0 and 100. Changing this forces a new resource to be created.

    ImageGcLowThreshold int

    Specifies the percent of disk usage lower than which image garbage collection is never run. Must be between 0 and 100. Changing this forces a new resource to be created.

    PodMaxPid int

    Specifies the maximum number of processes per pod. Changing this forces a new resource to be created.

    TopologyManagerPolicy string

    Specifies the Topology Manager policy to use. Possible values are none, best-effort, restricted or single-numa-node. Changing this forces a new resource to be created.

    AllowedUnsafeSysctls []string

    Specifies the allow list of unsafe sysctls command or patterns (ending in *). Changing this forces a new resource to be created.

    ContainerLogMaxLine int

    Specifies the maximum number of container log files that can be present for a container. must be at least 2. Changing this forces a new resource to be created.

    ContainerLogMaxSizeMb int

    Specifies the maximum size (e.g. 10MB) of container log file before it is rotated. Changing this forces a new resource to be created.

    CpuCfsQuotaEnabled bool

    Is CPU CFS quota enforcement for containers enabled? Changing this forces a new resource to be created.

    CpuCfsQuotaPeriod string

    Specifies the CPU CFS quota period value. Changing this forces a new resource to be created.

    CpuManagerPolicy string

    Specifies the CPU Manager policy to use. Possible values are none and static, Changing this forces a new resource to be created.

    ImageGcHighThreshold int

    Specifies the percent of disk usage above which image garbage collection is always run. Must be between 0 and 100. Changing this forces a new resource to be created.

    ImageGcLowThreshold int

    Specifies the percent of disk usage lower than which image garbage collection is never run. Must be between 0 and 100. Changing this forces a new resource to be created.

    PodMaxPid int

    Specifies the maximum number of processes per pod. Changing this forces a new resource to be created.

    TopologyManagerPolicy string

    Specifies the Topology Manager policy to use. Possible values are none, best-effort, restricted or single-numa-node. Changing this forces a new resource to be created.

    allowedUnsafeSysctls List<String>

    Specifies the allow list of unsafe sysctls command or patterns (ending in *). Changing this forces a new resource to be created.

    containerLogMaxLine Integer

    Specifies the maximum number of container log files that can be present for a container. must be at least 2. Changing this forces a new resource to be created.

    containerLogMaxSizeMb Integer

    Specifies the maximum size (e.g. 10MB) of container log file before it is rotated. Changing this forces a new resource to be created.

    cpuCfsQuotaEnabled Boolean

    Is CPU CFS quota enforcement for containers enabled? Changing this forces a new resource to be created.

    cpuCfsQuotaPeriod String

    Specifies the CPU CFS quota period value. Changing this forces a new resource to be created.

    cpuManagerPolicy String

    Specifies the CPU Manager policy to use. Possible values are none and static, Changing this forces a new resource to be created.

    imageGcHighThreshold Integer

    Specifies the percent of disk usage above which image garbage collection is always run. Must be between 0 and 100. Changing this forces a new resource to be created.

    imageGcLowThreshold Integer

    Specifies the percent of disk usage lower than which image garbage collection is never run. Must be between 0 and 100. Changing this forces a new resource to be created.

    podMaxPid Integer

    Specifies the maximum number of processes per pod. Changing this forces a new resource to be created.

    topologyManagerPolicy String

    Specifies the Topology Manager policy to use. Possible values are none, best-effort, restricted or single-numa-node. Changing this forces a new resource to be created.

    allowedUnsafeSysctls string[]

    Specifies the allow list of unsafe sysctls command or patterns (ending in *). Changing this forces a new resource to be created.

    containerLogMaxLine number

    Specifies the maximum number of container log files that can be present for a container. must be at least 2. Changing this forces a new resource to be created.

    containerLogMaxSizeMb number

    Specifies the maximum size (e.g. 10MB) of container log file before it is rotated. Changing this forces a new resource to be created.

    cpuCfsQuotaEnabled boolean

    Is CPU CFS quota enforcement for containers enabled? Changing this forces a new resource to be created.

    cpuCfsQuotaPeriod string

    Specifies the CPU CFS quota period value. Changing this forces a new resource to be created.

    cpuManagerPolicy string

    Specifies the CPU Manager policy to use. Possible values are none and static, Changing this forces a new resource to be created.

    imageGcHighThreshold number

    Specifies the percent of disk usage above which image garbage collection is always run. Must be between 0 and 100. Changing this forces a new resource to be created.

    imageGcLowThreshold number

    Specifies the percent of disk usage lower than which image garbage collection is never run. Must be between 0 and 100. Changing this forces a new resource to be created.

    podMaxPid number

    Specifies the maximum number of processes per pod. Changing this forces a new resource to be created.

    topologyManagerPolicy string

    Specifies the Topology Manager policy to use. Possible values are none, best-effort, restricted or single-numa-node. Changing this forces a new resource to be created.

    allowed_unsafe_sysctls Sequence[str]

    Specifies the allow list of unsafe sysctls command or patterns (ending in *). Changing this forces a new resource to be created.

    container_log_max_line int

    Specifies the maximum number of container log files that can be present for a container. must be at least 2. Changing this forces a new resource to be created.

    container_log_max_size_mb int

    Specifies the maximum size (e.g. 10MB) of container log file before it is rotated. Changing this forces a new resource to be created.

    cpu_cfs_quota_enabled bool

    Is CPU CFS quota enforcement for containers enabled? Changing this forces a new resource to be created.

    cpu_cfs_quota_period str

    Specifies the CPU CFS quota period value. Changing this forces a new resource to be created.

    cpu_manager_policy str

    Specifies the CPU Manager policy to use. Possible values are none and static, Changing this forces a new resource to be created.

    image_gc_high_threshold int

    Specifies the percent of disk usage above which image garbage collection is always run. Must be between 0 and 100. Changing this forces a new resource to be created.

    image_gc_low_threshold int

    Specifies the percent of disk usage lower than which image garbage collection is never run. Must be between 0 and 100. Changing this forces a new resource to be created.

    pod_max_pid int

    Specifies the maximum number of processes per pod. Changing this forces a new resource to be created.

    topology_manager_policy str

    Specifies the Topology Manager policy to use. Possible values are none, best-effort, restricted or single-numa-node. Changing this forces a new resource to be created.

    allowedUnsafeSysctls List<String>

    Specifies the allow list of unsafe sysctls command or patterns (ending in *). Changing this forces a new resource to be created.

    containerLogMaxLine Number

    Specifies the maximum number of container log files that can be present for a container. must be at least 2. Changing this forces a new resource to be created.

    containerLogMaxSizeMb Number

    Specifies the maximum size (e.g. 10MB) of container log file before it is rotated. Changing this forces a new resource to be created.

    cpuCfsQuotaEnabled Boolean

    Is CPU CFS quota enforcement for containers enabled? Changing this forces a new resource to be created.

    cpuCfsQuotaPeriod String

    Specifies the CPU CFS quota period value. Changing this forces a new resource to be created.

    cpuManagerPolicy String

    Specifies the CPU Manager policy to use. Possible values are none and static, Changing this forces a new resource to be created.

    imageGcHighThreshold Number

    Specifies the percent of disk usage above which image garbage collection is always run. Must be between 0 and 100. Changing this forces a new resource to be created.

    imageGcLowThreshold Number

    Specifies the percent of disk usage lower than which image garbage collection is never run. Must be between 0 and 100. Changing this forces a new resource to be created.

    podMaxPid Number

    Specifies the maximum number of processes per pod. Changing this forces a new resource to be created.

    topologyManagerPolicy String

    Specifies the Topology Manager policy to use. Possible values are none, best-effort, restricted or single-numa-node. Changing this forces a new resource to be created.

    KubernetesClusterDefaultNodePoolLinuxOsConfig

    SwapFileSizeMb int

    Specifies the size of the swap file on each node in MB. Changing this forces a new resource to be created.

    SysctlConfig KubernetesClusterDefaultNodePoolLinuxOsConfigSysctlConfig

    A sysctl_config block as defined below. Changing this forces a new resource to be created.

    TransparentHugePageDefrag string

    specifies the defrag configuration for Transparent Huge Page. Possible values are always, defer, defer+madvise, madvise and never. Changing this forces a new resource to be created.

    TransparentHugePageEnabled string

    Specifies the Transparent Huge Page enabled configuration. Possible values are always, madvise and never. Changing this forces a new resource to be created.

    SwapFileSizeMb int

    Specifies the size of the swap file on each node in MB. Changing this forces a new resource to be created.

    SysctlConfig KubernetesClusterDefaultNodePoolLinuxOsConfigSysctlConfig

    A sysctl_config block as defined below. Changing this forces a new resource to be created.

    TransparentHugePageDefrag string

    specifies the defrag configuration for Transparent Huge Page. Possible values are always, defer, defer+madvise, madvise and never. Changing this forces a new resource to be created.

    TransparentHugePageEnabled string

    Specifies the Transparent Huge Page enabled configuration. Possible values are always, madvise and never. Changing this forces a new resource to be created.

    swapFileSizeMb Integer

    Specifies the size of the swap file on each node in MB. Changing this forces a new resource to be created.

    sysctlConfig KubernetesClusterDefaultNodePoolLinuxOsConfigSysctlConfig

    A sysctl_config block as defined below. Changing this forces a new resource to be created.

    transparentHugePageDefrag String

    specifies the defrag configuration for Transparent Huge Page. Possible values are always, defer, defer+madvise, madvise and never. Changing this forces a new resource to be created.

    transparentHugePageEnabled String

    Specifies the Transparent Huge Page enabled configuration. Possible values are always, madvise and never. Changing this forces a new resource to be created.

    swapFileSizeMb number

    Specifies the size of the swap file on each node in MB. Changing this forces a new resource to be created.

    sysctlConfig KubernetesClusterDefaultNodePoolLinuxOsConfigSysctlConfig

    A sysctl_config block as defined below. Changing this forces a new resource to be created.

    transparentHugePageDefrag string

    specifies the defrag configuration for Transparent Huge Page. Possible values are always, defer, defer+madvise, madvise and never. Changing this forces a new resource to be created.

    transparentHugePageEnabled string

    Specifies the Transparent Huge Page enabled configuration. Possible values are always, madvise and never. Changing this forces a new resource to be created.

    swap_file_size_mb int

    Specifies the size of the swap file on each node in MB. Changing this forces a new resource to be created.

    sysctl_config KubernetesClusterDefaultNodePoolLinuxOsConfigSysctlConfig

    A sysctl_config block as defined below. Changing this forces a new resource to be created.

    transparent_huge_page_defrag str

    specifies the defrag configuration for Transparent Huge Page. Possible values are always, defer, defer+madvise, madvise and never. Changing this forces a new resource to be created.

    transparent_huge_page_enabled str

    Specifies the Transparent Huge Page enabled configuration. Possible values are always, madvise and never. Changing this forces a new resource to be created.

    swapFileSizeMb Number

    Specifies the size of the swap file on each node in MB. Changing this forces a new resource to be created.

    sysctlConfig Property Map

    A sysctl_config block as defined below. Changing this forces a new resource to be created.

    transparentHugePageDefrag String

    specifies the defrag configuration for Transparent Huge Page. Possible values are always, defer, defer+madvise, madvise and never. Changing this forces a new resource to be created.

    transparentHugePageEnabled String

    Specifies the Transparent Huge Page enabled configuration. Possible values are always, madvise and never. Changing this forces a new resource to be created.

    KubernetesClusterDefaultNodePoolLinuxOsConfigSysctlConfig

    FsAioMaxNr int

    The sysctl setting fs.aio-max-nr. Must be between 65536 and 6553500. Changing this forces a new resource to be created.

    FsFileMax int

    The sysctl setting fs.file-max. Must be between 8192 and 12000500. Changing this forces a new resource to be created.

    FsInotifyMaxUserWatches int

    The sysctl setting fs.inotify.max_user_watches. Must be between 781250 and 2097152. Changing this forces a new resource to be created.

    FsNrOpen int

    The sysctl setting fs.nr_open. Must be between 8192 and 20000500. Changing this forces a new resource to be created.

    KernelThreadsMax int

    The sysctl setting kernel.threads-max. Must be between 20 and 513785. Changing this forces a new resource to be created.

    NetCoreNetdevMaxBacklog int

    The sysctl setting net.core.netdev_max_backlog. Must be between 1000 and 3240000. Changing this forces a new resource to be created.

    NetCoreOptmemMax int

    The sysctl setting net.core.optmem_max. Must be between 20480 and 4194304. Changing this forces a new resource to be created.

    NetCoreRmemDefault int

    The sysctl setting net.core.rmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    NetCoreRmemMax int

    The sysctl setting net.core.rmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    NetCoreSomaxconn int

    The sysctl setting net.core.somaxconn. Must be between 4096 and 3240000. Changing this forces a new resource to be created.

    NetCoreWmemDefault int

    The sysctl setting net.core.wmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    NetCoreWmemMax int

    The sysctl setting net.core.wmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    NetIpv4IpLocalPortRangeMax int

    The sysctl setting net.ipv4.ip_local_port_range max value. Must be between 1024 and 60999. Changing this forces a new resource to be created.

    NetIpv4IpLocalPortRangeMin int

    The sysctl setting net.ipv4.ip_local_port_range min value. Must be between 1024 and 60999. Changing this forces a new resource to be created.

    NetIpv4NeighDefaultGcThresh1 int

    The sysctl setting net.ipv4.neigh.default.gc_thresh1. Must be between 128 and 80000. Changing this forces a new resource to be created.

    NetIpv4NeighDefaultGcThresh2 int

    The sysctl setting net.ipv4.neigh.default.gc_thresh2. Must be between 512 and 90000. Changing this forces a new resource to be created.

    NetIpv4NeighDefaultGcThresh3 int

    The sysctl setting net.ipv4.neigh.default.gc_thresh3. Must be between 1024 and 100000. Changing this forces a new resource to be created.

    NetIpv4TcpFinTimeout int

    The sysctl setting net.ipv4.tcp_fin_timeout. Must be between 5 and 120. Changing this forces a new resource to be created.

    NetIpv4TcpKeepaliveIntvl int

    The sysctl setting net.ipv4.tcp_keepalive_intvl. Must be between 10 and 75. Changing this forces a new resource to be created.

    NetIpv4TcpKeepaliveProbes int

    The sysctl setting net.ipv4.tcp_keepalive_probes. Must be between 1 and 15. Changing this forces a new resource to be created.

    NetIpv4TcpKeepaliveTime int

    The sysctl setting net.ipv4.tcp_keepalive_time. Must be between 30 and 432000. Changing this forces a new resource to be created.

    NetIpv4TcpMaxSynBacklog int

    The sysctl setting net.ipv4.tcp_max_syn_backlog. Must be between 128 and 3240000. Changing this forces a new resource to be created.

    NetIpv4TcpMaxTwBuckets int

    The sysctl setting net.ipv4.tcp_max_tw_buckets. Must be between 8000 and 1440000. Changing this forces a new resource to be created.

    NetIpv4TcpTwReuse bool

    The sysctl setting net.ipv4.tcp_tw_reuse. Changing this forces a new resource to be created.

    NetNetfilterNfConntrackBuckets int

    The sysctl setting net.netfilter.nf_conntrack_buckets. Must be between 65536 and 147456. Changing this forces a new resource to be created.

    NetNetfilterNfConntrackMax int

    The sysctl setting net.netfilter.nf_conntrack_max. Must be between 131072 and 1048576. Changing this forces a new resource to be created.

    VmMaxMapCount int

    The sysctl setting vm.max_map_count. Must be between 65530 and 262144. Changing this forces a new resource to be created.

    VmSwappiness int

    The sysctl setting vm.swappiness. Must be between 0 and 100. Changing this forces a new resource to be created.

    VmVfsCachePressure int

    The sysctl setting vm.vfs_cache_pressure. Must be between 0 and 100. Changing this forces a new resource to be created.

    FsAioMaxNr int

    The sysctl setting fs.aio-max-nr. Must be between 65536 and 6553500. Changing this forces a new resource to be created.

    FsFileMax int

    The sysctl setting fs.file-max. Must be between 8192 and 12000500. Changing this forces a new resource to be created.

    FsInotifyMaxUserWatches int

    The sysctl setting fs.inotify.max_user_watches. Must be between 781250 and 2097152. Changing this forces a new resource to be created.

    FsNrOpen int

    The sysctl setting fs.nr_open. Must be between 8192 and 20000500. Changing this forces a new resource to be created.

    KernelThreadsMax int

    The sysctl setting kernel.threads-max. Must be between 20 and 513785. Changing this forces a new resource to be created.

    NetCoreNetdevMaxBacklog int

    The sysctl setting net.core.netdev_max_backlog. Must be between 1000 and 3240000. Changing this forces a new resource to be created.

    NetCoreOptmemMax int

    The sysctl setting net.core.optmem_max. Must be between 20480 and 4194304. Changing this forces a new resource to be created.

    NetCoreRmemDefault int

    The sysctl setting net.core.rmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    NetCoreRmemMax int

    The sysctl setting net.core.rmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    NetCoreSomaxconn int

    The sysctl setting net.core.somaxconn. Must be between 4096 and 3240000. Changing this forces a new resource to be created.

    NetCoreWmemDefault int

    The sysctl setting net.core.wmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    NetCoreWmemMax int

    The sysctl setting net.core.wmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    NetIpv4IpLocalPortRangeMax int

    The sysctl setting net.ipv4.ip_local_port_range max value. Must be between 1024 and 60999. Changing this forces a new resource to be created.

    NetIpv4IpLocalPortRangeMin int

    The sysctl setting net.ipv4.ip_local_port_range min value. Must be between 1024 and 60999. Changing this forces a new resource to be created.

    NetIpv4NeighDefaultGcThresh1 int

    The sysctl setting net.ipv4.neigh.default.gc_thresh1. Must be between 128 and 80000. Changing this forces a new resource to be created.

    NetIpv4NeighDefaultGcThresh2 int

    The sysctl setting net.ipv4.neigh.default.gc_thresh2. Must be between 512 and 90000. Changing this forces a new resource to be created.

    NetIpv4NeighDefaultGcThresh3 int

    The sysctl setting net.ipv4.neigh.default.gc_thresh3. Must be between 1024 and 100000. Changing this forces a new resource to be created.

    NetIpv4TcpFinTimeout int

    The sysctl setting net.ipv4.tcp_fin_timeout. Must be between 5 and 120. Changing this forces a new resource to be created.

    NetIpv4TcpKeepaliveIntvl int

    The sysctl setting net.ipv4.tcp_keepalive_intvl. Must be between 10 and 75. Changing this forces a new resource to be created.

    NetIpv4TcpKeepaliveProbes int

    The sysctl setting net.ipv4.tcp_keepalive_probes. Must be between 1 and 15. Changing this forces a new resource to be created.

    NetIpv4TcpKeepaliveTime int

    The sysctl setting net.ipv4.tcp_keepalive_time. Must be between 30 and 432000. Changing this forces a new resource to be created.

    NetIpv4TcpMaxSynBacklog int

    The sysctl setting net.ipv4.tcp_max_syn_backlog. Must be between 128 and 3240000. Changing this forces a new resource to be created.

    NetIpv4TcpMaxTwBuckets int

    The sysctl setting net.ipv4.tcp_max_tw_buckets. Must be between 8000 and 1440000. Changing this forces a new resource to be created.

    NetIpv4TcpTwReuse bool

    The sysctl setting net.ipv4.tcp_tw_reuse. Changing this forces a new resource to be created.

    NetNetfilterNfConntrackBuckets int

    The sysctl setting net.netfilter.nf_conntrack_buckets. Must be between 65536 and 147456. Changing this forces a new resource to be created.

    NetNetfilterNfConntrackMax int

    The sysctl setting net.netfilter.nf_conntrack_max. Must be between 131072 and 1048576. Changing this forces a new resource to be created.

    VmMaxMapCount int

    The sysctl setting vm.max_map_count. Must be between 65530 and 262144. Changing this forces a new resource to be created.

    VmSwappiness int

    The sysctl setting vm.swappiness. Must be between 0 and 100. Changing this forces a new resource to be created.

    VmVfsCachePressure int

    The sysctl setting vm.vfs_cache_pressure. Must be between 0 and 100. Changing this forces a new resource to be created.

    fsAioMaxNr Integer

    The sysctl setting fs.aio-max-nr. Must be between 65536 and 6553500. Changing this forces a new resource to be created.

    fsFileMax Integer

    The sysctl setting fs.file-max. Must be between 8192 and 12000500. Changing this forces a new resource to be created.

    fsInotifyMaxUserWatches Integer

    The sysctl setting fs.inotify.max_user_watches. Must be between 781250 and 2097152. Changing this forces a new resource to be created.

    fsNrOpen Integer

    The sysctl setting fs.nr_open. Must be between 8192 and 20000500. Changing this forces a new resource to be created.

    kernelThreadsMax Integer

    The sysctl setting kernel.threads-max. Must be between 20 and 513785. Changing this forces a new resource to be created.

    netCoreNetdevMaxBacklog Integer

    The sysctl setting net.core.netdev_max_backlog. Must be between 1000 and 3240000. Changing this forces a new resource to be created.

    netCoreOptmemMax Integer

    The sysctl setting net.core.optmem_max. Must be between 20480 and 4194304. Changing this forces a new resource to be created.

    netCoreRmemDefault Integer

    The sysctl setting net.core.rmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    netCoreRmemMax Integer

    The sysctl setting net.core.rmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    netCoreSomaxconn Integer

    The sysctl setting net.core.somaxconn. Must be between 4096 and 3240000. Changing this forces a new resource to be created.

    netCoreWmemDefault Integer

    The sysctl setting net.core.wmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    netCoreWmemMax Integer

    The sysctl setting net.core.wmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    netIpv4IpLocalPortRangeMax Integer

    The sysctl setting net.ipv4.ip_local_port_range max value. Must be between 1024 and 60999. Changing this forces a new resource to be created.

    netIpv4IpLocalPortRangeMin Integer

    The sysctl setting net.ipv4.ip_local_port_range min value. Must be between 1024 and 60999. Changing this forces a new resource to be created.

    netIpv4NeighDefaultGcThresh1 Integer

    The sysctl setting net.ipv4.neigh.default.gc_thresh1. Must be between 128 and 80000. Changing this forces a new resource to be created.

    netIpv4NeighDefaultGcThresh2 Integer

    The sysctl setting net.ipv4.neigh.default.gc_thresh2. Must be between 512 and 90000. Changing this forces a new resource to be created.

    netIpv4NeighDefaultGcThresh3 Integer

    The sysctl setting net.ipv4.neigh.default.gc_thresh3. Must be between 1024 and 100000. Changing this forces a new resource to be created.

    netIpv4TcpFinTimeout Integer

    The sysctl setting net.ipv4.tcp_fin_timeout. Must be between 5 and 120. Changing this forces a new resource to be created.

    netIpv4TcpKeepaliveIntvl Integer

    The sysctl setting net.ipv4.tcp_keepalive_intvl. Must be between 10 and 75. Changing this forces a new resource to be created.

    netIpv4TcpKeepaliveProbes Integer

    The sysctl setting net.ipv4.tcp_keepalive_probes. Must be between 1 and 15. Changing this forces a new resource to be created.

    netIpv4TcpKeepaliveTime Integer

    The sysctl setting net.ipv4.tcp_keepalive_time. Must be between 30 and 432000. Changing this forces a new resource to be created.

    netIpv4TcpMaxSynBacklog Integer

    The sysctl setting net.ipv4.tcp_max_syn_backlog. Must be between 128 and 3240000. Changing this forces a new resource to be created.

    netIpv4TcpMaxTwBuckets Integer

    The sysctl setting net.ipv4.tcp_max_tw_buckets. Must be between 8000 and 1440000. Changing this forces a new resource to be created.

    netIpv4TcpTwReuse Boolean

    The sysctl setting net.ipv4.tcp_tw_reuse. Changing this forces a new resource to be created.

    netNetfilterNfConntrackBuckets Integer

    The sysctl setting net.netfilter.nf_conntrack_buckets. Must be between 65536 and 147456. Changing this forces a new resource to be created.

    netNetfilterNfConntrackMax Integer

    The sysctl setting net.netfilter.nf_conntrack_max. Must be between 131072 and 1048576. Changing this forces a new resource to be created.

    vmMaxMapCount Integer

    The sysctl setting vm.max_map_count. Must be between 65530 and 262144. Changing this forces a new resource to be created.

    vmSwappiness Integer

    The sysctl setting vm.swappiness. Must be between 0 and 100. Changing this forces a new resource to be created.

    vmVfsCachePressure Integer

    The sysctl setting vm.vfs_cache_pressure. Must be between 0 and 100. Changing this forces a new resource to be created.

    fsAioMaxNr number

    The sysctl setting fs.aio-max-nr. Must be between 65536 and 6553500. Changing this forces a new resource to be created.

    fsFileMax number

    The sysctl setting fs.file-max. Must be between 8192 and 12000500. Changing this forces a new resource to be created.

    fsInotifyMaxUserWatches number

    The sysctl setting fs.inotify.max_user_watches. Must be between 781250 and 2097152. Changing this forces a new resource to be created.

    fsNrOpen number

    The sysctl setting fs.nr_open. Must be between 8192 and 20000500. Changing this forces a new resource to be created.

    kernelThreadsMax number

    The sysctl setting kernel.threads-max. Must be between 20 and 513785. Changing this forces a new resource to be created.

    netCoreNetdevMaxBacklog number

    The sysctl setting net.core.netdev_max_backlog. Must be between 1000 and 3240000. Changing this forces a new resource to be created.

    netCoreOptmemMax number

    The sysctl setting net.core.optmem_max. Must be between 20480 and 4194304. Changing this forces a new resource to be created.

    netCoreRmemDefault number

    The sysctl setting net.core.rmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    netCoreRmemMax number

    The sysctl setting net.core.rmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    netCoreSomaxconn number

    The sysctl setting net.core.somaxconn. Must be between 4096 and 3240000. Changing this forces a new resource to be created.

    netCoreWmemDefault number

    The sysctl setting net.core.wmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    netCoreWmemMax number

    The sysctl setting net.core.wmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    netIpv4IpLocalPortRangeMax number

    The sysctl setting net.ipv4.ip_local_port_range max value. Must be between 1024 and 60999. Changing this forces a new resource to be created.

    netIpv4IpLocalPortRangeMin number

    The sysctl setting net.ipv4.ip_local_port_range min value. Must be between 1024 and 60999. Changing this forces a new resource to be created.

    netIpv4NeighDefaultGcThresh1 number

    The sysctl setting net.ipv4.neigh.default.gc_thresh1. Must be between 128 and 80000. Changing this forces a new resource to be created.

    netIpv4NeighDefaultGcThresh2 number

    The sysctl setting net.ipv4.neigh.default.gc_thresh2. Must be between 512 and 90000. Changing this forces a new resource to be created.

    netIpv4NeighDefaultGcThresh3 number

    The sysctl setting net.ipv4.neigh.default.gc_thresh3. Must be between 1024 and 100000. Changing this forces a new resource to be created.

    netIpv4TcpFinTimeout number

    The sysctl setting net.ipv4.tcp_fin_timeout. Must be between 5 and 120. Changing this forces a new resource to be created.

    netIpv4TcpKeepaliveIntvl number

    The sysctl setting net.ipv4.tcp_keepalive_intvl. Must be between 10 and 75. Changing this forces a new resource to be created.

    netIpv4TcpKeepaliveProbes number

    The sysctl setting net.ipv4.tcp_keepalive_probes. Must be between 1 and 15. Changing this forces a new resource to be created.

    netIpv4TcpKeepaliveTime number

    The sysctl setting net.ipv4.tcp_keepalive_time. Must be between 30 and 432000. Changing this forces a new resource to be created.

    netIpv4TcpMaxSynBacklog number

    The sysctl setting net.ipv4.tcp_max_syn_backlog. Must be between 128 and 3240000. Changing this forces a new resource to be created.

    netIpv4TcpMaxTwBuckets number

    The sysctl setting net.ipv4.tcp_max_tw_buckets. Must be between 8000 and 1440000. Changing this forces a new resource to be created.

    netIpv4TcpTwReuse boolean

    The sysctl setting net.ipv4.tcp_tw_reuse. Changing this forces a new resource to be created.

    netNetfilterNfConntrackBuckets number

    The sysctl setting net.netfilter.nf_conntrack_buckets. Must be between 65536 and 147456. Changing this forces a new resource to be created.

    netNetfilterNfConntrackMax number

    The sysctl setting net.netfilter.nf_conntrack_max. Must be between 131072 and 1048576. Changing this forces a new resource to be created.

    vmMaxMapCount number

    The sysctl setting vm.max_map_count. Must be between 65530 and 262144. Changing this forces a new resource to be created.

    vmSwappiness number

    The sysctl setting vm.swappiness. Must be between 0 and 100. Changing this forces a new resource to be created.

    vmVfsCachePressure number

    The sysctl setting vm.vfs_cache_pressure. Must be between 0 and 100. Changing this forces a new resource to be created.

    fs_aio_max_nr int

    The sysctl setting fs.aio-max-nr. Must be between 65536 and 6553500. Changing this forces a new resource to be created.

    fs_file_max int

    The sysctl setting fs.file-max. Must be between 8192 and 12000500. Changing this forces a new resource to be created.

    fs_inotify_max_user_watches int

    The sysctl setting fs.inotify.max_user_watches. Must be between 781250 and 2097152. Changing this forces a new resource to be created.

    fs_nr_open int

    The sysctl setting fs.nr_open. Must be between 8192 and 20000500. Changing this forces a new resource to be created.

    kernel_threads_max int

    The sysctl setting kernel.threads-max. Must be between 20 and 513785. Changing this forces a new resource to be created.

    net_core_netdev_max_backlog int

    The sysctl setting net.core.netdev_max_backlog. Must be between 1000 and 3240000. Changing this forces a new resource to be created.

    net_core_optmem_max int

    The sysctl setting net.core.optmem_max. Must be between 20480 and 4194304. Changing this forces a new resource to be created.

    net_core_rmem_default int

    The sysctl setting net.core.rmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    net_core_rmem_max int

    The sysctl setting net.core.rmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    net_core_somaxconn int

    The sysctl setting net.core.somaxconn. Must be between 4096 and 3240000. Changing this forces a new resource to be created.

    net_core_wmem_default int

    The sysctl setting net.core.wmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    net_core_wmem_max int

    The sysctl setting net.core.wmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    net_ipv4_ip_local_port_range_max int

    The sysctl setting net.ipv4.ip_local_port_range max value. Must be between 1024 and 60999. Changing this forces a new resource to be created.

    net_ipv4_ip_local_port_range_min int

    The sysctl setting net.ipv4.ip_local_port_range min value. Must be between 1024 and 60999. Changing this forces a new resource to be created.

    net_ipv4_neigh_default_gc_thresh1 int

    The sysctl setting net.ipv4.neigh.default.gc_thresh1. Must be between 128 and 80000. Changing this forces a new resource to be created.

    net_ipv4_neigh_default_gc_thresh2 int

    The sysctl setting net.ipv4.neigh.default.gc_thresh2. Must be between 512 and 90000. Changing this forces a new resource to be created.

    net_ipv4_neigh_default_gc_thresh3 int

    The sysctl setting net.ipv4.neigh.default.gc_thresh3. Must be between 1024 and 100000. Changing this forces a new resource to be created.

    net_ipv4_tcp_fin_timeout int

    The sysctl setting net.ipv4.tcp_fin_timeout. Must be between 5 and 120. Changing this forces a new resource to be created.

    net_ipv4_tcp_keepalive_intvl int

    The sysctl setting net.ipv4.tcp_keepalive_intvl. Must be between 10 and 75. Changing this forces a new resource to be created.

    net_ipv4_tcp_keepalive_probes int

    The sysctl setting net.ipv4.tcp_keepalive_probes. Must be between 1 and 15. Changing this forces a new resource to be created.

    net_ipv4_tcp_keepalive_time int

    The sysctl setting net.ipv4.tcp_keepalive_time. Must be between 30 and 432000. Changing this forces a new resource to be created.

    net_ipv4_tcp_max_syn_backlog int

    The sysctl setting net.ipv4.tcp_max_syn_backlog. Must be between 128 and 3240000. Changing this forces a new resource to be created.

    net_ipv4_tcp_max_tw_buckets int

    The sysctl setting net.ipv4.tcp_max_tw_buckets. Must be between 8000 and 1440000. Changing this forces a new resource to be created.

    net_ipv4_tcp_tw_reuse bool

    The sysctl setting net.ipv4.tcp_tw_reuse. Changing this forces a new resource to be created.

    net_netfilter_nf_conntrack_buckets int

    The sysctl setting net.netfilter.nf_conntrack_buckets. Must be between 65536 and 147456. Changing this forces a new resource to be created.

    net_netfilter_nf_conntrack_max int

    The sysctl setting net.netfilter.nf_conntrack_max. Must be between 131072 and 1048576. Changing this forces a new resource to be created.

    vm_max_map_count int

    The sysctl setting vm.max_map_count. Must be between 65530 and 262144. Changing this forces a new resource to be created.

    vm_swappiness int

    The sysctl setting vm.swappiness. Must be between 0 and 100. Changing this forces a new resource to be created.

    vm_vfs_cache_pressure int

    The sysctl setting vm.vfs_cache_pressure. Must be between 0 and 100. Changing this forces a new resource to be created.

    fsAioMaxNr Number

    The sysctl setting fs.aio-max-nr. Must be between 65536 and 6553500. Changing this forces a new resource to be created.

    fsFileMax Number

    The sysctl setting fs.file-max. Must be between 8192 and 12000500. Changing this forces a new resource to be created.

    fsInotifyMaxUserWatches Number

    The sysctl setting fs.inotify.max_user_watches. Must be between 781250 and 2097152. Changing this forces a new resource to be created.

    fsNrOpen Number

    The sysctl setting fs.nr_open. Must be between 8192 and 20000500. Changing this forces a new resource to be created.

    kernelThreadsMax Number

    The sysctl setting kernel.threads-max. Must be between 20 and 513785. Changing this forces a new resource to be created.

    netCoreNetdevMaxBacklog Number

    The sysctl setting net.core.netdev_max_backlog. Must be between 1000 and 3240000. Changing this forces a new resource to be created.

    netCoreOptmemMax Number

    The sysctl setting net.core.optmem_max. Must be between 20480 and 4194304. Changing this forces a new resource to be created.

    netCoreRmemDefault Number

    The sysctl setting net.core.rmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    netCoreRmemMax Number

    The sysctl setting net.core.rmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    netCoreSomaxconn Number

    The sysctl setting net.core.somaxconn. Must be between 4096 and 3240000. Changing this forces a new resource to be created.

    netCoreWmemDefault Number

    The sysctl setting net.core.wmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    netCoreWmemMax Number

    The sysctl setting net.core.wmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created.

    netIpv4IpLocalPortRangeMax Number

    The sysctl setting net.ipv4.ip_local_port_range max value. Must be between 1024 and 60999. Changing this forces a new resource to be created.

    netIpv4IpLocalPortRangeMin Number

    The sysctl setting net.ipv4.ip_local_port_range min value. Must be between 1024 and 60999. Changing this forces a new resource to be created.

    netIpv4NeighDefaultGcThresh1 Number

    The sysctl setting net.ipv4.neigh.default.gc_thresh1. Must be between 128 and 80000. Changing this forces a new resource to be created.

    netIpv4NeighDefaultGcThresh2 Number

    The sysctl setting net.ipv4.neigh.default.gc_thresh2. Must be between 512 and 90000. Changing this forces a new resource to be created.

    netIpv4NeighDefaultGcThresh3 Number

    The sysctl setting net.ipv4.neigh.default.gc_thresh3. Must be between 1024 and 100000. Changing this forces a new resource to be created.

    netIpv4TcpFinTimeout Number

    The sysctl setting net.ipv4.tcp_fin_timeout. Must be between 5 and 120. Changing this forces a new resource to be created.

    netIpv4TcpKeepaliveIntvl Number

    The sysctl setting net.ipv4.tcp_keepalive_intvl. Must be between 10 and 75. Changing this forces a new resource to be created.

    netIpv4TcpKeepaliveProbes Number

    The sysctl setting net.ipv4.tcp_keepalive_probes. Must be between 1 and 15. Changing this forces a new resource to be created.

    netIpv4TcpKeepaliveTime Number

    The sysctl setting net.ipv4.tcp_keepalive_time. Must be between 30 and 432000. Changing this forces a new resource to be created.

    netIpv4TcpMaxSynBacklog Number

    The sysctl setting net.ipv4.tcp_max_syn_backlog. Must be between 128 and 3240000. Changing this forces a new resource to be created.

    netIpv4TcpMaxTwBuckets Number

    The sysctl setting net.ipv4.tcp_max_tw_buckets. Must be between 8000 and 1440000. Changing this forces a new resource to be created.

    netIpv4TcpTwReuse Boolean

    The sysctl setting net.ipv4.tcp_tw_reuse. Changing this forces a new resource to be created.

    netNetfilterNfConntrackBuckets Number

    The sysctl setting net.netfilter.nf_conntrack_buckets. Must be between 65536 and 147456. Changing this forces a new resource to be created.

    netNetfilterNfConntrackMax Number

    The sysctl setting net.netfilter.nf_conntrack_max. Must be between 131072 and 1048576. Changing this forces a new resource to be created.

    vmMaxMapCount Number

    The sysctl setting vm.max_map_count. Must be between 65530 and 262144. Changing this forces a new resource to be created.

    vmSwappiness Number

    The sysctl setting vm.swappiness. Must be between 0 and 100. Changing this forces a new resource to be created.

    vmVfsCachePressure Number

    The sysctl setting vm.vfs_cache_pressure. Must be between 0 and 100. Changing this forces a new resource to be created.

    KubernetesClusterDefaultNodePoolNodeNetworkProfile

    NodePublicIpTags Dictionary<string, string>

    Specifies a mapping of tags to the instance-level public IPs. Changing this forces a new resource to be created.

    NodePublicIpTags map[string]string

    Specifies a mapping of tags to the instance-level public IPs. Changing this forces a new resource to be created.

    nodePublicIpTags Map<String,String>

    Specifies a mapping of tags to the instance-level public IPs. Changing this forces a new resource to be created.

    nodePublicIpTags {[key: string]: string}

    Specifies a mapping of tags to the instance-level public IPs. Changing this forces a new resource to be created.

    node_public_ip_tags Mapping[str, str]

    Specifies a mapping of tags to the instance-level public IPs. Changing this forces a new resource to be created.

    nodePublicIpTags Map<String>

    Specifies a mapping of tags to the instance-level public IPs. Changing this forces a new resource to be created.

    KubernetesClusterDefaultNodePoolUpgradeSettings

    MaxSurge string

    The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade.

    MaxSurge string

    The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade.

    maxSurge String

    The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade.

    maxSurge string

    The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade.

    max_surge str

    The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade.

    maxSurge String

    The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade.

    KubernetesClusterHttpProxyConfig

    HttpProxy string

    The proxy address to be used when communicating over HTTP. Changing this forces a new resource to be created.

    HttpsProxy string

    The proxy address to be used when communicating over HTTPS. Changing this forces a new resource to be created.

    NoProxies List<string>

    The list of domains that will not use the proxy for communication. Changing this forces a new resource to be created.

    TrustedCa string

    The base64 encoded alternative CA certificate content in PEM format.

    HttpProxy string

    The proxy address to be used when communicating over HTTP. Changing this forces a new resource to be created.

    HttpsProxy string

    The proxy address to be used when communicating over HTTPS. Changing this forces a new resource to be created.

    NoProxies []string

    The list of domains that will not use the proxy for communication. Changing this forces a new resource to be created.

    TrustedCa string

    The base64 encoded alternative CA certificate content in PEM format.

    httpProxy String

    The proxy address to be used when communicating over HTTP. Changing this forces a new resource to be created.

    httpsProxy String

    The proxy address to be used when communicating over HTTPS. Changing this forces a new resource to be created.

    noProxies List<String>

    The list of domains that will not use the proxy for communication. Changing this forces a new resource to be created.

    trustedCa String

    The base64 encoded alternative CA certificate content in PEM format.

    httpProxy string

    The proxy address to be used when communicating over HTTP. Changing this forces a new resource to be created.

    httpsProxy string

    The proxy address to be used when communicating over HTTPS. Changing this forces a new resource to be created.

    noProxies string[]

    The list of domains that will not use the proxy for communication. Changing this forces a new resource to be created.

    trustedCa string

    The base64 encoded alternative CA certificate content in PEM format.

    http_proxy str

    The proxy address to be used when communicating over HTTP. Changing this forces a new resource to be created.

    https_proxy str

    The proxy address to be used when communicating over HTTPS. Changing this forces a new resource to be created.

    no_proxies Sequence[str]

    The list of domains that will not use the proxy for communication. Changing this forces a new resource to be created.

    trusted_ca str

    The base64 encoded alternative CA certificate content in PEM format.

    httpProxy String

    The proxy address to be used when communicating over HTTP. Changing this forces a new resource to be created.

    httpsProxy String

    The proxy address to be used when communicating over HTTPS. Changing this forces a new resource to be created.

    noProxies List<String>

    The list of domains that will not use the proxy for communication. Changing this forces a new resource to be created.

    trustedCa String

    The base64 encoded alternative CA certificate content in PEM format.

    KubernetesClusterIdentity

    Type string

    Specifies the type of Managed Service Identity that should be configured on this Kubernetes Cluster. Possible values are SystemAssigned or UserAssigned.

    IdentityIds List<string>

    Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.

    PrincipalId string

    The Principal ID associated with this Managed Service Identity.

    TenantId string

    The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.

    Type string

    Specifies the type of Managed Service Identity that should be configured on this Kubernetes Cluster. Possible values are SystemAssigned or UserAssigned.

    IdentityIds []string

    Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.

    PrincipalId string

    The Principal ID associated with this Managed Service Identity.

    TenantId string

    The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.

    type String

    Specifies the type of Managed Service Identity that should be configured on this Kubernetes Cluster. Possible values are SystemAssigned or UserAssigned.

    identityIds List<String>

    Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.

    principalId String

    The Principal ID associated with this Managed Service Identity.

    tenantId String

    The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.

    type string

    Specifies the type of Managed Service Identity that should be configured on this Kubernetes Cluster. Possible values are SystemAssigned or UserAssigned.

    identityIds string[]

    Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.

    principalId string

    The Principal ID associated with this Managed Service Identity.

    tenantId string

    The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.

    type str

    Specifies the type of Managed Service Identity that should be configured on this Kubernetes Cluster. Possible values are SystemAssigned or UserAssigned.

    identity_ids Sequence[str]

    Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.

    principal_id str

    The Principal ID associated with this Managed Service Identity.

    tenant_id str

    The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.

    type String

    Specifies the type of Managed Service Identity that should be configured on this Kubernetes Cluster. Possible values are SystemAssigned or UserAssigned.

    identityIds List<String>

    Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.

    principalId String

    The Principal ID associated with this Managed Service Identity.

    tenantId String

    The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used.

    KubernetesClusterIngressApplicationGateway

    EffectiveGatewayId string

    The ID of the Application Gateway associated with the ingress controller deployed to this Kubernetes Cluster.

    GatewayId string

    The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. See this page for further details.

    GatewayName string

    The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    IngressApplicationGatewayIdentities List<KubernetesClusterIngressApplicationGatewayIngressApplicationGatewayIdentity>

    An ingress_application_gateway_identity block is exported. The exported attributes are defined below.

    SubnetCidr string

    The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    SubnetId string

    The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    EffectiveGatewayId string

    The ID of the Application Gateway associated with the ingress controller deployed to this Kubernetes Cluster.

    GatewayId string

    The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. See this page for further details.

    GatewayName string

    The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    IngressApplicationGatewayIdentities []KubernetesClusterIngressApplicationGatewayIngressApplicationGatewayIdentity

    An ingress_application_gateway_identity block is exported. The exported attributes are defined below.

    SubnetCidr string

    The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    SubnetId string

    The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    effectiveGatewayId String

    The ID of the Application Gateway associated with the ingress controller deployed to this Kubernetes Cluster.

    gatewayId String

    The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. See this page for further details.

    gatewayName String

    The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    ingressApplicationGatewayIdentities List<KubernetesClusterIngressApplicationGatewayIngressApplicationGatewayIdentity>

    An ingress_application_gateway_identity block is exported. The exported attributes are defined below.

    subnetCidr String

    The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    subnetId String

    The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    effectiveGatewayId string

    The ID of the Application Gateway associated with the ingress controller deployed to this Kubernetes Cluster.

    gatewayId string

    The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. See this page for further details.

    gatewayName string

    The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    ingressApplicationGatewayIdentities KubernetesClusterIngressApplicationGatewayIngressApplicationGatewayIdentity[]

    An ingress_application_gateway_identity block is exported. The exported attributes are defined below.

    subnetCidr string

    The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    subnetId string

    The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    effective_gateway_id str

    The ID of the Application Gateway associated with the ingress controller deployed to this Kubernetes Cluster.

    gateway_id str

    The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. See this page for further details.

    gateway_name str

    The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    ingress_application_gateway_identities Sequence[KubernetesClusterIngressApplicationGatewayIngressApplicationGatewayIdentity]

    An ingress_application_gateway_identity block is exported. The exported attributes are defined below.

    subnet_cidr str

    The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    subnet_id str

    The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    effectiveGatewayId String

    The ID of the Application Gateway associated with the ingress controller deployed to this Kubernetes Cluster.

    gatewayId String

    The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. See this page for further details.

    gatewayName String

    The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    ingressApplicationGatewayIdentities List<Property Map>

    An ingress_application_gateway_identity block is exported. The exported attributes are defined below.

    subnetCidr String

    The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    subnetId String

    The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details.

    KubernetesClusterIngressApplicationGatewayIngressApplicationGatewayIdentity

    ClientId string

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    ObjectId string

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    UserAssignedIdentityId string

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    ClientId string

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    ObjectId string

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    UserAssignedIdentityId string

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    clientId String

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    objectId String

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    userAssignedIdentityId String

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    clientId string

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    objectId string

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    userAssignedIdentityId string

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    client_id str

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    object_id str

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    user_assigned_identity_id str

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    clientId String

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    objectId String

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    userAssignedIdentityId String

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    KubernetesClusterKeyManagementService

    KeyVaultKeyId string

    Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When enabled is false, leave the field empty.

    KeyVaultNetworkAccess string

    Network access of the key vault Network access of key vault. The possible values are Public and Private. Public means the key vault allows public access from all networks. Private means the key vault disables public access and enables private link. The default value is Public.

    KeyVaultKeyId string

    Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When enabled is false, leave the field empty.

    KeyVaultNetworkAccess string

    Network access of the key vault Network access of key vault. The possible values are Public and Private. Public means the key vault allows public access from all networks. Private means the key vault disables public access and enables private link. The default value is Public.

    keyVaultKeyId String

    Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When enabled is false, leave the field empty.

    keyVaultNetworkAccess String

    Network access of the key vault Network access of key vault. The possible values are Public and Private. Public means the key vault allows public access from all networks. Private means the key vault disables public access and enables private link. The default value is Public.

    keyVaultKeyId string

    Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When enabled is false, leave the field empty.

    keyVaultNetworkAccess string

    Network access of the key vault Network access of key vault. The possible values are Public and Private. Public means the key vault allows public access from all networks. Private means the key vault disables public access and enables private link. The default value is Public.

    key_vault_key_id str

    Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When enabled is false, leave the field empty.

    key_vault_network_access str

    Network access of the key vault Network access of key vault. The possible values are Public and Private. Public means the key vault allows public access from all networks. Private means the key vault disables public access and enables private link. The default value is Public.

    keyVaultKeyId String

    Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When enabled is false, leave the field empty.

    keyVaultNetworkAccess String

    Network access of the key vault Network access of key vault. The possible values are Public and Private. Public means the key vault allows public access from all networks. Private means the key vault disables public access and enables private link. The default value is Public.

    KubernetesClusterKeyVaultSecretsProvider

    SecretIdentities List<KubernetesClusterKeyVaultSecretsProviderSecretIdentity>

    An secret_identity block is exported. The exported attributes are defined below.

    SecretRotationEnabled bool

    Should the secret store CSI driver on the AKS cluster be enabled?

    SecretRotationInterval string

    The interval to poll for secret rotation. This attribute is only set when secret_rotation is true and defaults to 2m.

    SecretIdentities []KubernetesClusterKeyVaultSecretsProviderSecretIdentity

    An secret_identity block is exported. The exported attributes are defined below.

    SecretRotationEnabled bool

    Should the secret store CSI driver on the AKS cluster be enabled?

    SecretRotationInterval string

    The interval to poll for secret rotation. This attribute is only set when secret_rotation is true and defaults to 2m.

    secretIdentities List<KubernetesClusterKeyVaultSecretsProviderSecretIdentity>

    An secret_identity block is exported. The exported attributes are defined below.

    secretRotationEnabled Boolean

    Should the secret store CSI driver on the AKS cluster be enabled?

    secretRotationInterval String

    The interval to poll for secret rotation. This attribute is only set when secret_rotation is true and defaults to 2m.

    secretIdentities KubernetesClusterKeyVaultSecretsProviderSecretIdentity[]

    An secret_identity block is exported. The exported attributes are defined below.

    secretRotationEnabled boolean

    Should the secret store CSI driver on the AKS cluster be enabled?

    secretRotationInterval string

    The interval to poll for secret rotation. This attribute is only set when secret_rotation is true and defaults to 2m.

    secret_identities Sequence[KubernetesClusterKeyVaultSecretsProviderSecretIdentity]

    An secret_identity block is exported. The exported attributes are defined below.

    secret_rotation_enabled bool

    Should the secret store CSI driver on the AKS cluster be enabled?

    secret_rotation_interval str

    The interval to poll for secret rotation. This attribute is only set when secret_rotation is true and defaults to 2m.

    secretIdentities List<Property Map>

    An secret_identity block is exported. The exported attributes are defined below.

    secretRotationEnabled Boolean

    Should the secret store CSI driver on the AKS cluster be enabled?

    secretRotationInterval String

    The interval to poll for secret rotation. This attribute is only set when secret_rotation is true and defaults to 2m.

    KubernetesClusterKeyVaultSecretsProviderSecretIdentity

    ClientId string

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    ObjectId string

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    UserAssignedIdentityId string

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    ClientId string

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    ObjectId string

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    UserAssignedIdentityId string

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    clientId String

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    objectId String

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    userAssignedIdentityId String

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    clientId string

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    objectId string

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    userAssignedIdentityId string

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    client_id str

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    object_id str

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    user_assigned_identity_id str

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    clientId String

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    objectId String

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    userAssignedIdentityId String

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    KubernetesClusterKubeAdminConfig

    ClientCertificate string

    Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.

    ClientKey string

    Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.

    ClusterCaCertificate string

    Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.

    Host string

    The Kubernetes cluster server host.

    Password string

    A password or token used to authenticate to the Kubernetes cluster.

    Username string

    A username used to authenticate to the Kubernetes cluster.

    ClientCertificate string

    Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.

    ClientKey string

    Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.

    ClusterCaCertificate string

    Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.

    Host string

    The Kubernetes cluster server host.

    Password string

    A password or token used to authenticate to the Kubernetes cluster.

    Username string

    A username used to authenticate to the Kubernetes cluster.

    clientCertificate String

    Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.

    clientKey String

    Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.

    clusterCaCertificate String

    Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.

    host String

    The Kubernetes cluster server host.

    password String

    A password or token used to authenticate to the Kubernetes cluster.

    username String

    A username used to authenticate to the Kubernetes cluster.

    clientCertificate string

    Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.

    clientKey string

    Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.

    clusterCaCertificate string

    Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.

    host string

    The Kubernetes cluster server host.

    password string

    A password or token used to authenticate to the Kubernetes cluster.

    username string

    A username used to authenticate to the Kubernetes cluster.

    client_certificate str

    Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.

    client_key str

    Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.

    cluster_ca_certificate str

    Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.

    host str

    The Kubernetes cluster server host.

    password str

    A password or token used to authenticate to the Kubernetes cluster.

    username str

    A username used to authenticate to the Kubernetes cluster.

    clientCertificate String

    Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.

    clientKey String

    Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.

    clusterCaCertificate String

    Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.

    host String

    The Kubernetes cluster server host.

    password String

    A password or token used to authenticate to the Kubernetes cluster.

    username String

    A username used to authenticate to the Kubernetes cluster.

    KubernetesClusterKubeConfig

    ClientCertificate string

    Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.

    ClientKey string

    Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.

    ClusterCaCertificate string

    Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.

    Host string

    The Kubernetes cluster server host.

    Password string

    A password or token used to authenticate to the Kubernetes cluster.

    Username string

    A username used to authenticate to the Kubernetes cluster.

    ClientCertificate string

    Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.

    ClientKey string

    Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.

    ClusterCaCertificate string

    Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.

    Host string

    The Kubernetes cluster server host.

    Password string

    A password or token used to authenticate to the Kubernetes cluster.

    Username string

    A username used to authenticate to the Kubernetes cluster.

    clientCertificate String

    Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.

    clientKey String

    Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.

    clusterCaCertificate String

    Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.

    host String

    The Kubernetes cluster server host.

    password String

    A password or token used to authenticate to the Kubernetes cluster.

    username String

    A username used to authenticate to the Kubernetes cluster.

    clientCertificate string

    Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.

    clientKey string

    Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.

    clusterCaCertificate string

    Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.

    host string

    The Kubernetes cluster server host.

    password string

    A password or token used to authenticate to the Kubernetes cluster.

    username string

    A username used to authenticate to the Kubernetes cluster.

    client_certificate str

    Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.

    client_key str

    Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.

    cluster_ca_certificate str

    Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.

    host str

    The Kubernetes cluster server host.

    password str

    A password or token used to authenticate to the Kubernetes cluster.

    username str

    A username used to authenticate to the Kubernetes cluster.

    clientCertificate String

    Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster.

    clientKey String

    Base64 encoded private key used by clients to authenticate to the Kubernetes cluster.

    clusterCaCertificate String

    Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster.

    host String

    The Kubernetes cluster server host.

    password String

    A password or token used to authenticate to the Kubernetes cluster.

    username String

    A username used to authenticate to the Kubernetes cluster.

    KubernetesClusterKubeletIdentity

    ClientId string

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    ObjectId string

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    UserAssignedIdentityId string

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    ClientId string

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    ObjectId string

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    UserAssignedIdentityId string

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    clientId String

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    objectId String

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    userAssignedIdentityId String

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    clientId string

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    objectId string

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    userAssignedIdentityId string

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    client_id str

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    object_id str

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    user_assigned_identity_id str

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    clientId String

    The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    objectId String

    The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    userAssignedIdentityId String

    The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created.

    KubernetesClusterLinuxProfile

    AdminUsername string

    The Admin Username for the Cluster. Changing this forces a new resource to be created.

    SshKey KubernetesClusterLinuxProfileSshKey

    An ssh_key block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.

    AdminUsername string

    The Admin Username for the Cluster. Changing this forces a new resource to be created.

    SshKey KubernetesClusterLinuxProfileSshKey

    An ssh_key block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.

    adminUsername String

    The Admin Username for the Cluster. Changing this forces a new resource to be created.

    sshKey KubernetesClusterLinuxProfileSshKey

    An ssh_key block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.

    adminUsername string

    The Admin Username for the Cluster. Changing this forces a new resource to be created.

    sshKey KubernetesClusterLinuxProfileSshKey

    An ssh_key block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.

    admin_username str

    The Admin Username for the Cluster. Changing this forces a new resource to be created.

    ssh_key KubernetesClusterLinuxProfileSshKey

    An ssh_key block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.

    adminUsername String

    The Admin Username for the Cluster. Changing this forces a new resource to be created.

    sshKey Property Map

    An ssh_key block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.

    KubernetesClusterLinuxProfileSshKey

    KeyData string

    The Public SSH Key used to access the cluster.

    KeyData string

    The Public SSH Key used to access the cluster.

    keyData String

    The Public SSH Key used to access the cluster.

    keyData string

    The Public SSH Key used to access the cluster.

    key_data str

    The Public SSH Key used to access the cluster.

    keyData String

    The Public SSH Key used to access the cluster.

    KubernetesClusterMaintenanceWindow

    Alloweds List<KubernetesClusterMaintenanceWindowAllowed>

    One or more allowed blocks as defined below.

    NotAlloweds List<KubernetesClusterMaintenanceWindowNotAllowed>

    One or more not_allowed block as defined below.

    Alloweds []KubernetesClusterMaintenanceWindowAllowed

    One or more allowed blocks as defined below.

    NotAlloweds []KubernetesClusterMaintenanceWindowNotAllowed

    One or more not_allowed block as defined below.

    alloweds List<KubernetesClusterMaintenanceWindowAllowed>

    One or more allowed blocks as defined below.

    notAlloweds List<KubernetesClusterMaintenanceWindowNotAllowed>

    One or more not_allowed block as defined below.

    alloweds KubernetesClusterMaintenanceWindowAllowed[]

    One or more allowed blocks as defined below.

    notAlloweds KubernetesClusterMaintenanceWindowNotAllowed[]

    One or more not_allowed block as defined below.

    alloweds Sequence[KubernetesClusterMaintenanceWindowAllowed]

    One or more allowed blocks as defined below.

    not_alloweds Sequence[KubernetesClusterMaintenanceWindowNotAllowed]

    One or more not_allowed block as defined below.

    alloweds List<Property Map>

    One or more allowed blocks as defined below.

    notAlloweds List<Property Map>

    One or more not_allowed block as defined below.

    KubernetesClusterMaintenanceWindowAllowed

    Day string

    A day in a week. Possible values are Sunday, Monday, Tuesday, Wednesday, Thursday, Friday and Saturday.

    Hours List<int>

    An array of hour slots in a day. For example, specifying 1 will allow maintenance from 1:00am to 2:00am. Specifying 1, 2 will allow maintenance from 1:00am to 3:00m. Possible values are between 0 and 23.

    Day string

    A day in a week. Possible values are Sunday, Monday, Tuesday, Wednesday, Thursday, Friday and Saturday.

    Hours []int

    An array of hour slots in a day. For example, specifying 1 will allow maintenance from 1:00am to 2:00am. Specifying 1, 2 will allow maintenance from 1:00am to 3:00m. Possible values are between 0 and 23.

    day String

    A day in a week. Possible values are Sunday, Monday, Tuesday, Wednesday, Thursday, Friday and Saturday.

    hours List<Integer>

    An array of hour slots in a day. For example, specifying 1 will allow maintenance from 1:00am to 2:00am. Specifying 1, 2 will allow maintenance from 1:00am to 3:00m. Possible values are between 0 and 23.

    day string

    A day in a week. Possible values are Sunday, Monday, Tuesday, Wednesday, Thursday, Friday and Saturday.

    hours number[]

    An array of hour slots in a day. For example, specifying 1 will allow maintenance from 1:00am to 2:00am. Specifying 1, 2 will allow maintenance from 1:00am to 3:00m. Possible values are between 0 and 23.

    day str

    A day in a week. Possible values are Sunday, Monday, Tuesday, Wednesday, Thursday, Friday and Saturday.

    hours Sequence[int]

    An array of hour slots in a day. For example, specifying 1 will allow maintenance from 1:00am to 2:00am. Specifying 1, 2 will allow maintenance from 1:00am to 3:00m. Possible values are between 0 and 23.

    day String

    A day in a week. Possible values are Sunday, Monday, Tuesday, Wednesday, Thursday, Friday and Saturday.

    hours List<Number>

    An array of hour slots in a day. For example, specifying 1 will allow maintenance from 1:00am to 2:00am. Specifying 1, 2 will allow maintenance from 1:00am to 3:00m. Possible values are between 0 and 23.

    KubernetesClusterMaintenanceWindowNotAllowed

    End string

    The end of a time span, formatted as an RFC3339 string.

    Start string

    The start of a time span, formatted as an RFC3339 string.

    End string

    The end of a time span, formatted as an RFC3339 string.

    Start string

    The start of a time span, formatted as an RFC3339 string.

    end String

    The end of a time span, formatted as an RFC3339 string.

    start String

    The start of a time span, formatted as an RFC3339 string.

    end string

    The end of a time span, formatted as an RFC3339 string.

    start string

    The start of a time span, formatted as an RFC3339 string.

    end str

    The end of a time span, formatted as an RFC3339 string.

    start str

    The start of a time span, formatted as an RFC3339 string.

    end String

    The end of a time span, formatted as an RFC3339 string.

    start String

    The start of a time span, formatted as an RFC3339 string.

    KubernetesClusterMicrosoftDefender

    LogAnalyticsWorkspaceId string

    Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to.

    LogAnalyticsWorkspaceId string

    Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to.

    logAnalyticsWorkspaceId String

    Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to.

    logAnalyticsWorkspaceId string

    Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to.

    log_analytics_workspace_id str

    Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to.

    logAnalyticsWorkspaceId String

    Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to.

    KubernetesClusterMonitorMetrics

    AnnotationsAllowed string

    Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.

    LabelsAllowed string

    Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.

    AnnotationsAllowed string

    Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.

    LabelsAllowed string

    Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.

    annotationsAllowed String

    Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.

    labelsAllowed String

    Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.

    annotationsAllowed string

    Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.

    labelsAllowed string

    Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.

    annotations_allowed str

    Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.

    labels_allowed str

    Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.

    annotationsAllowed String

    Specifies a comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric.

    labelsAllowed String

    Specifies a Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.

    KubernetesClusterNetworkProfile

    NetworkPlugin string

    Network plugin to use for networking. Currently supported values are azure, kubenet and none. Changing this forces a new resource to be created.

    DnsServiceIp string

    IP address within the Kubernetes service address range that will be used by cluster service discovery (kube-dns). Changing this forces a new resource to be created.

    DockerBridgeCidr string

    IP address (in CIDR notation) used as the Docker bridge IP address on nodes. Changing this forces a new resource to be created.

    Deprecated:

    docker_bridge_cidr has been deprecated as the API no longer supports it and will be removed in version 4.0 of the provider.

    EbpfDataPlane string

    Specifies the eBPF data plane used for building the Kubernetes network. Possible value is cilium. Changing this forces a new resource to be created.

    IpVersions List<string>

    Specifies a list of IP versions the Kubernetes Cluster will use to assign IP addresses to its nodes and pods. Possible values are IPv4 and/or IPv6. IPv4 must always be specified. Changing this forces a new resource to be created.

    LoadBalancerProfile KubernetesClusterNetworkProfileLoadBalancerProfile

    A load_balancer_profile block as defined below. This can only be specified when load_balancer_sku is set to standard. Changing this forces a new resource to be created.

    LoadBalancerSku string

    Specifies the SKU of the Load Balancer used for this Kubernetes Cluster. Possible values are basic and standard. Defaults to standard. Changing this forces a new resource to be created.

    NatGatewayProfile KubernetesClusterNetworkProfileNatGatewayProfile

    A nat_gateway_profile block as defined below. This can only be specified when load_balancer_sku is set to standard and outbound_type is set to managedNATGateway or userAssignedNATGateway. Changing this forces a new resource to be created.

    NetworkMode string

    Network mode to be used with Azure CNI. Possible values are bridge and transparent. Changing this forces a new resource to be created.

    NetworkPluginMode string

    Specifies the network plugin mode used for building the Kubernetes network. Possible value is Overlay. Changing this forces a new resource to be created.

    NetworkPolicy string

    Sets up network policy to be used with Azure CNI. Network policy allows us to control the traffic flow between pods. Currently supported values are calico and azure. Changing this forces a new resource to be created.

    OutboundType string

    The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are loadBalancer, userDefinedRouting, managedNATGateway and userAssignedNATGateway. Defaults to loadBalancer. Changing this forces a new resource to be created.

    PodCidr string

    The CIDR to use for pod IP addresses. This field can only be set when network_plugin is set to kubenet. Changing this forces a new resource to be created.

    PodCidrs List<string>

    A list of CIDRs to use for pod IP addresses. For single-stack networking a single IPv4 CIDR is expected. For dual-stack networking an IPv4 and IPv6 CIDR are expected. Changing this forces a new resource to be created.

    ServiceCidr string

    The Network Range used by the Kubernetes service. Changing this forces a new resource to be created.

    ServiceCidrs List<string>

    A list of CIDRs to use for Kubernetes services. For single-stack networking a single IPv4 CIDR is expected. For dual-stack networking an IPv4 and IPv6 CIDR are expected. Changing this forces a new resource to be created.

    NetworkPlugin string

    Network plugin to use for networking. Currently supported values are azure, kubenet and none. Changing this forces a new resource to be created.

    DnsServiceIp string

    IP address within the Kubernetes service address range that will be used by cluster service discovery (kube-dns). Changing this forces a new resource to be created.

    DockerBridgeCidr string

    IP address (in CIDR notation) used as the Docker bridge IP address on nodes. Changing this forces a new resource to be created.

    Deprecated:

    docker_bridge_cidr has been deprecated as the API no longer supports it and will be removed in version 4.0 of the provider.

    EbpfDataPlane string

    Specifies the eBPF data plane used for building the Kubernetes network. Possible value is cilium. Changing this forces a new resource to be created.

    IpVersions []string

    Specifies a list of IP versions the Kubernetes Cluster will use to assign IP addresses to its nodes and pods. Possible values are IPv4 and/or IPv6. IPv4 must always be specified. Changing this forces a new resource to be created.

    LoadBalancerProfile KubernetesClusterNetworkProfileLoadBalancerProfile

    A load_balancer_profile block as defined below. This can only be specified when load_balancer_sku is set to standard. Changing this forces a new resource to be created.

    LoadBalancerSku string

    Specifies the SKU of the Load Balancer used for this Kubernetes Cluster. Possible values are basic and standard. Defaults to standard. Changing this forces a new resource to be created.

    NatGatewayProfile KubernetesClusterNetworkProfileNatGatewayProfile

    A nat_gateway_profile block as defined below. This can only be specified when load_balancer_sku is set to standard and outbound_type is set to managedNATGateway or userAssignedNATGateway. Changing this forces a new resource to be created.

    NetworkMode string

    Network mode to be used with Azure CNI. Possible values are bridge and transparent. Changing this forces a new resource to be created.

    NetworkPluginMode string

    Specifies the network plugin mode used for building the Kubernetes network. Possible value is Overlay. Changing this forces a new resource to be created.

    NetworkPolicy string

    Sets up network policy to be used with Azure CNI. Network policy allows us to control the traffic flow between pods. Currently supported values are calico and azure. Changing this forces a new resource to be created.

    OutboundType string

    The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are loadBalancer, userDefinedRouting, managedNATGateway and userAssignedNATGateway. Defaults to loadBalancer. Changing this forces a new resource to be created.

    PodCidr string

    The CIDR to use for pod IP addresses. This field can only be set when network_plugin is set to kubenet. Changing this forces a new resource to be created.

    PodCidrs []string

    A list of CIDRs to use for pod IP addresses. For single-stack networking a single IPv4 CIDR is expected. For dual-stack networking an IPv4 and IPv6 CIDR are expected. Changing this forces a new resource to be created.

    ServiceCidr string

    The Network Range used by the Kubernetes service. Changing this forces a new resource to be created.

    ServiceCidrs []string

    A list of CIDRs to use for Kubernetes services. For single-stack networking a single IPv4 CIDR is expected. For dual-stack networking an IPv4 and IPv6 CIDR are expected. Changing this forces a new resource to be created.

    networkPlugin String

    Network plugin to use for networking. Currently supported values are azure, kubenet and none. Changing this forces a new resource to be created.

    dnsServiceIp String

    IP address within the Kubernetes service address range that will be used by cluster service discovery (kube-dns). Changing this forces a new resource to be created.

    dockerBridgeCidr String

    IP address (in CIDR notation) used as the Docker bridge IP address on nodes. Changing this forces a new resource to be created.

    Deprecated:

    docker_bridge_cidr has been deprecated as the API no longer supports it and will be removed in version 4.0 of the provider.

    ebpfDataPlane String

    Specifies the eBPF data plane used for building the Kubernetes network. Possible value is cilium. Changing this forces a new resource to be created.

    ipVersions List<String>

    Specifies a list of IP versions the Kubernetes Cluster will use to assign IP addresses to its nodes and pods. Possible values are IPv4 and/or IPv6. IPv4 must always be specified. Changing this forces a new resource to be created.

    loadBalancerProfile KubernetesClusterNetworkProfileLoadBalancerProfile

    A load_balancer_profile block as defined below. This can only be specified when load_balancer_sku is set to standard. Changing this forces a new resource to be created.

    loadBalancerSku String

    Specifies the SKU of the Load Balancer used for this Kubernetes Cluster. Possible values are basic and standard. Defaults to standard. Changing this forces a new resource to be created.

    natGatewayProfile KubernetesClusterNetworkProfileNatGatewayProfile

    A nat_gateway_profile block as defined below. This can only be specified when load_balancer_sku is set to standard and outbound_type is set to managedNATGateway or userAssignedNATGateway. Changing this forces a new resource to be created.

    networkMode String

    Network mode to be used with Azure CNI. Possible values are bridge and transparent. Changing this forces a new resource to be created.

    networkPluginMode String

    Specifies the network plugin mode used for building the Kubernetes network. Possible value is Overlay. Changing this forces a new resource to be created.

    networkPolicy String

    Sets up network policy to be used with Azure CN