ManagedCluster interface

Managed cluster.

Extends

Properties

aadProfile

The Azure Active Directory configuration.

addonProfiles

The profile of managed cluster add-on.

agentPoolProfiles

The agent pool properties.

apiServerAccessProfile

The access profile for managed cluster API server.

autoScalerProfile

Parameters to be applied to the cluster-autoscaler when enabled

autoUpgradeProfile

The auto upgrade configuration.

azureMonitorProfile

Azure Monitor addon profiles for monitoring the managed cluster.

azurePortalFqdn

The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly. NOTE: This property will not be serialized. It can only be populated by the server.

currentKubernetesVersion

If kubernetesVersion was a fully specified version <major.minor.patch>, this field will be exactly equal to it. If kubernetesVersion was <major.minor>, this field will contain the full <major.minor.patch> version being used. NOTE: This property will not be serialized. It can only be populated by the server.

disableLocalAccounts

If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts.

diskEncryptionSetID

This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'

dnsPrefix

This cannot be updated once the Managed Cluster has been created.

enablePodSecurityPolicy

(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.

enableRbac

Whether to enable Kubernetes Role-Based Access Control.

eTag

Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention. NOTE: This property will not be serialized. It can only be populated by the server.

extendedLocation

The extended location of the Virtual Machine.

fqdn

The FQDN of the master pool. NOTE: This property will not be serialized. It can only be populated by the server.

fqdnSubdomain

This cannot be updated once the Managed Cluster has been created.

httpProxyConfig

Configurations for provisioning the cluster with HTTP proxy servers.

identity

The identity of the managed cluster, if configured.

identityProfile

The user identity associated with the managed cluster. This identity will be used by the kubelet. Only one user assigned identity is allowed. The only accepted key is "kubeletidentity", with value of "resourceId": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}".

ingressProfile

Ingress profile for the managed cluster.

kubernetesVersion

Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See upgrading an AKS cluster for more details.

linuxProfile

The profile for Linux VMs in the Managed Cluster.

maxAgentPools

The max number of agent pools for the managed cluster. NOTE: This property will not be serialized. It can only be populated by the server.

metricsProfile

Optional cluster metrics configuration.

networkProfile

The network configuration profile.

nodeResourceGroup

The name of the resource group containing agent pool nodes.

nodeResourceGroupProfile

Profile of the node resource group configuration.

oidcIssuerProfile

The OIDC issuer profile of the Managed Cluster.

podIdentityProfile

See use AAD pod identity for more details on AAD pod identity integration.

powerState

The Power State of the cluster. NOTE: This property will not be serialized. It can only be populated by the server.

privateFqdn

The FQDN of private cluster. NOTE: This property will not be serialized. It can only be populated by the server.

privateLinkResources

Private link resources associated with the cluster.

provisioningState

The current provisioning state. NOTE: This property will not be serialized. It can only be populated by the server.

publicNetworkAccess

Allow or deny public network access for AKS

resourceUID

The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create sequence) NOTE: This property will not be serialized. It can only be populated by the server.

securityProfile

Security profile for the managed cluster.

serviceMeshProfile

Service mesh profile for a managed cluster.

servicePrincipalProfile

Information about a service principal identity for the cluster to use for manipulating Azure APIs.

sku

The managed cluster SKU.

storageProfile

Storage profile for the managed cluster.

supportPlan

The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.

upgradeSettings

Settings for upgrading a cluster.

windowsProfile

The profile for Windows VMs in the Managed Cluster.

workloadAutoScalerProfile

Workload Auto-scaler profile for the managed cluster.

Inherited Properties

id

Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" NOTE: This property will not be serialized. It can only be populated by the server.

location

The geo-location where the resource lives

name

The name of the resource NOTE: This property will not be serialized. It can only be populated by the server.

systemData

Azure Resource Manager metadata containing createdBy and modifiedBy information. NOTE: This property will not be serialized. It can only be populated by the server.

tags

Resource tags.

type

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" NOTE: This property will not be serialized. It can only be populated by the server.

Property Details

aadProfile

The Azure Active Directory configuration.

aadProfile?: ManagedClusterAADProfile

Property Value

addonProfiles

The profile of managed cluster add-on.

addonProfiles?: {[propertyName: string]: ManagedClusterAddonProfile}

Property Value

{[propertyName: string]: ManagedClusterAddonProfile}

agentPoolProfiles

The agent pool properties.

agentPoolProfiles?: ManagedClusterAgentPoolProfile[]

Property Value

apiServerAccessProfile

The access profile for managed cluster API server.

apiServerAccessProfile?: ManagedClusterAPIServerAccessProfile

Property Value

autoScalerProfile

Parameters to be applied to the cluster-autoscaler when enabled

autoScalerProfile?: ManagedClusterPropertiesAutoScalerProfile

Property Value

autoUpgradeProfile

The auto upgrade configuration.

autoUpgradeProfile?: ManagedClusterAutoUpgradeProfile

Property Value

azureMonitorProfile

Azure Monitor addon profiles for monitoring the managed cluster.

azureMonitorProfile?: ManagedClusterAzureMonitorProfile

Property Value

azurePortalFqdn

The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly. NOTE: This property will not be serialized. It can only be populated by the server.

azurePortalFqdn?: string

Property Value

string

currentKubernetesVersion

If kubernetesVersion was a fully specified version <major.minor.patch>, this field will be exactly equal to it. If kubernetesVersion was <major.minor>, this field will contain the full <major.minor.patch> version being used. NOTE: This property will not be serialized. It can only be populated by the server.

currentKubernetesVersion?: string

Property Value

string

disableLocalAccounts

If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts.

disableLocalAccounts?: boolean

Property Value

boolean

diskEncryptionSetID

This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'

diskEncryptionSetID?: string

Property Value

string

dnsPrefix

This cannot be updated once the Managed Cluster has been created.

dnsPrefix?: string

Property Value

string

enablePodSecurityPolicy

(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.

enablePodSecurityPolicy?: boolean

Property Value

boolean

enableRbac

Whether to enable Kubernetes Role-Based Access Control.

enableRbac?: boolean

Property Value

boolean

eTag

Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention. NOTE: This property will not be serialized. It can only be populated by the server.

eTag?: string

Property Value

string

extendedLocation

The extended location of the Virtual Machine.

extendedLocation?: ExtendedLocation

Property Value

fqdn

The FQDN of the master pool. NOTE: This property will not be serialized. It can only be populated by the server.

fqdn?: string

Property Value

string

fqdnSubdomain

This cannot be updated once the Managed Cluster has been created.

fqdnSubdomain?: string

Property Value

string

httpProxyConfig

Configurations for provisioning the cluster with HTTP proxy servers.

httpProxyConfig?: ManagedClusterHttpProxyConfig

Property Value

identity

The identity of the managed cluster, if configured.

identity?: ManagedClusterIdentity

Property Value

identityProfile

The user identity associated with the managed cluster. This identity will be used by the kubelet. Only one user assigned identity is allowed. The only accepted key is "kubeletidentity", with value of "resourceId": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}".

identityProfile?: {[propertyName: string]: UserAssignedIdentity}

Property Value

{[propertyName: string]: UserAssignedIdentity}

ingressProfile

Ingress profile for the managed cluster.

ingressProfile?: ManagedClusterIngressProfile

Property Value

kubernetesVersion

Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See upgrading an AKS cluster for more details.

kubernetesVersion?: string

Property Value

string

linuxProfile

The profile for Linux VMs in the Managed Cluster.

linuxProfile?: ContainerServiceLinuxProfile

Property Value

maxAgentPools

The max number of agent pools for the managed cluster. NOTE: This property will not be serialized. It can only be populated by the server.

maxAgentPools?: number

Property Value

number

metricsProfile

Optional cluster metrics configuration.

metricsProfile?: ManagedClusterMetricsProfile

Property Value

networkProfile

The network configuration profile.

networkProfile?: ContainerServiceNetworkProfile

Property Value

nodeResourceGroup

The name of the resource group containing agent pool nodes.

nodeResourceGroup?: string

Property Value

string

nodeResourceGroupProfile

Profile of the node resource group configuration.

nodeResourceGroupProfile?: ManagedClusterNodeResourceGroupProfile

Property Value

oidcIssuerProfile

The OIDC issuer profile of the Managed Cluster.

oidcIssuerProfile?: ManagedClusterOidcIssuerProfile

Property Value

podIdentityProfile

See use AAD pod identity for more details on AAD pod identity integration.

podIdentityProfile?: ManagedClusterPodIdentityProfile

Property Value

powerState

The Power State of the cluster. NOTE: This property will not be serialized. It can only be populated by the server.

powerState?: PowerState

Property Value

privateFqdn

The FQDN of private cluster. NOTE: This property will not be serialized. It can only be populated by the server.

privateFqdn?: string

Property Value

string

privateLinkResources

Private link resources associated with the cluster.

privateLinkResources?: PrivateLinkResource[]

Property Value

provisioningState

The current provisioning state. NOTE: This property will not be serialized. It can only be populated by the server.

provisioningState?: string

Property Value

string

publicNetworkAccess

Allow or deny public network access for AKS

publicNetworkAccess?: string

Property Value

string

resourceUID

The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create sequence) NOTE: This property will not be serialized. It can only be populated by the server.

resourceUID?: string

Property Value

string

securityProfile

Security profile for the managed cluster.

securityProfile?: ManagedClusterSecurityProfile

Property Value

serviceMeshProfile

Service mesh profile for a managed cluster.

serviceMeshProfile?: ServiceMeshProfile

Property Value

servicePrincipalProfile

Information about a service principal identity for the cluster to use for manipulating Azure APIs.

servicePrincipalProfile?: ManagedClusterServicePrincipalProfile

Property Value

sku

The managed cluster SKU.

sku?: ManagedClusterSKU

Property Value

storageProfile

Storage profile for the managed cluster.

storageProfile?: ManagedClusterStorageProfile

Property Value

supportPlan

The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.

supportPlan?: string

Property Value

string

upgradeSettings

Settings for upgrading a cluster.

upgradeSettings?: ClusterUpgradeSettings

Property Value

windowsProfile

The profile for Windows VMs in the Managed Cluster.

windowsProfile?: ManagedClusterWindowsProfile

Property Value

workloadAutoScalerProfile

Workload Auto-scaler profile for the managed cluster.

workloadAutoScalerProfile?: ManagedClusterWorkloadAutoScalerProfile

Property Value

Inherited Property Details

id

Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" NOTE: This property will not be serialized. It can only be populated by the server.

id?: string

Property Value

string

Inherited From TrackedResource.id

location

The geo-location where the resource lives

location: string

Property Value

string

Inherited From TrackedResource.location

name

The name of the resource NOTE: This property will not be serialized. It can only be populated by the server.

name?: string

Property Value

string

Inherited From TrackedResource.name

systemData

Azure Resource Manager metadata containing createdBy and modifiedBy information. NOTE: This property will not be serialized. It can only be populated by the server.

systemData?: SystemData

Property Value

Inherited From TrackedResource.systemData

tags

Resource tags.

tags?: {[propertyName: string]: string}

Property Value

{[propertyName: string]: string}

Inherited From TrackedResource.tags

type

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" NOTE: This property will not be serialized. It can only be populated by the server.

type?: string

Property Value

string

Inherited From TrackedResource.type