Compartilhar via


IManagedClusterProperties Interface

Definition

[System.ComponentModel.TypeConverter(typeof(Microsoft.Azure.PowerShell.Cmdlets.Aks.Models.Api20230201.ManagedClusterPropertiesTypeConverter))]
public interface IManagedClusterProperties : Microsoft.Azure.PowerShell.Cmdlets.Aks.Runtime.IJsonSerializable
[<System.ComponentModel.TypeConverter(typeof(Microsoft.Azure.PowerShell.Cmdlets.Aks.Models.Api20230201.ManagedClusterPropertiesTypeConverter))>]
type IManagedClusterProperties = interface
    interface IJsonSerializable
Public Interface IManagedClusterProperties
Implements IJsonSerializable
Derived
Attributes
Implements

Properties

AadProfileAdminGroupObjectID

The list of AAD group object IDs that will have admin role of the cluster.

AadProfileClientAppId

(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.

AadProfileEnableAzureRbac

Whether to enable Azure RBAC for Kubernetes authorization.

AadProfileManaged

Whether to enable managed AAD.

AadProfileServerAppId

(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.

AadProfileServerAppSecret

(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.

AadProfileTenantId

The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.

AddonProfile

The profile of managed cluster add-on.

AgentPoolProfile

The agent pool properties.

ApiServerAccessProfileAuthorizedIPRange

IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see API server authorized IP ranges.

ApiServerAccessProfileDisableRunCommand

Whether to disable run command for the cluster or not.

ApiServerAccessProfileEnablePrivateCluster

For more details, see Creating a private AKS cluster.

ApiServerAccessProfileEnablePrivateClusterPublicFqdn

Whether to create additional public FQDN for private cluster or not.

ApiServerAccessProfilePrivateDnsZone

The default is System. For more details see configure private DNS zone. Allowed values are 'system' and 'none'.

AutoScalerProfileBalanceSimilarNodeGroup

Valid values are 'true' and 'false'

AutoScalerProfileExpander

If not specified, the default is 'random'. See expanders for more information.

AutoScalerProfileMaxEmptyBulkDelete

The default is 10.

AutoScalerProfileMaxGracefulTerminationSec

The default is 600.

AutoScalerProfileMaxNodeProvisionTime

The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.

AutoScalerProfileMaxTotalUnreadyPercentage

The default is 45. The maximum is 100 and the minimum is 0.

AutoScalerProfileNewPodScaleUpDelay

For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).

AutoScalerProfileOkTotalUnreadyCount

This must be an integer. The default is 3.

AutoScalerProfileScaleDownDelayAfterAdd

The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.

AutoScalerProfileScaleDownDelayAfterDelete

The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.

AutoScalerProfileScaleDownDelayAfterFailure

The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.

AutoScalerProfileScaleDownUnneededTime

The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.

AutoScalerProfileScaleDownUnreadyTime

The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.

AutoScalerProfileScaleDownUtilizationThreshold

The default is '0.5'.

AutoScalerProfileScanInterval

The default is '10'. Values must be an integer number of seconds.

AutoScalerProfileSkipNodesWithLocalStorage

The default is true.

AutoScalerProfileSkipNodesWithSystemPod

The default is true.

AutoUpgradeProfileUpgradeChannel

For more information see setting the AKS cluster auto-upgrade channel.

AzureKeyVaultKmEnabled

Whether to enable Azure Key Vault key management service. The default is false.

AzureKeyVaultKmKeyId

Identifier of Azure Key Vault key. See key identifier format for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.

AzureKeyVaultKmKeyVaultNetworkAccess

Network access of key vault. The possible values are Public and Private. Public means the key vault allows public access from all networks. Private means the key vault disables public access and enables private link. The default value is Public.

AzureKeyVaultKmKeyVaultResourceId

Resource ID of key vault. When keyVaultNetworkAccess is Private, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is Public, leave the field empty.

AzurePortalFqdn

The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly.

BlobCsiDriverEnabled

Whether to enable AzureBlob CSI Driver. The default value is false.

CurrentKubernetesVersion
DefenderLogAnalyticsWorkspaceResourceId

Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.

DisableLocalAccount

If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see disable local accounts.

DiskCsiDriverEnabled

Whether to enable AzureDisk CSI Driver. The default value is true.

DiskEncryptionSetId

This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'

DnsPrefix

This cannot be updated once the Managed Cluster has been created.

EnablePodSecurityPolicy

(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.

EnableRbac

Whether to enable Kubernetes Role-Based Access Control.

FileCsiDriverEnabled

Whether to enable AzureFile CSI Driver. The default value is true.

Fqdn

The FQDN of the master pool.

FqdnSubdomain

This cannot be updated once the Managed Cluster has been created.

GmsaProfileDnsServer
GmsaProfileEnabled

Specifies whether to enable Windows gMSA in the managed cluster.

GmsaProfileRootDomainName
HttpProxyConfigHttpProxy

The HTTP proxy server endpoint to use.

HttpProxyConfigHttpsProxy

The HTTPS proxy server endpoint to use.

HttpProxyConfigNoProxy

The endpoints that should not go through proxy.

HttpProxyConfigTrustedCa

Alternative CA cert to use for connecting to proxy servers.

IdentityProfile

Identities associated with the cluster.

ImageCleanerEnabled

Whether to enable Image Cleaner on AKS cluster.

ImageCleanerIntervalHour

Image Cleaner scanning interval in hours.

KedaEnabled

Whether to enable KEDA.

KubernetesVersion
KubeStateMetricAnnotationsAllowList

Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.

KubeStateMetricLabelsAllowlist

Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.

LinuxProfileAdminUsername

The administrator username to use for Linux VMs.

MaxAgentPool

The max number of agent pools for the managed cluster.

MetricEnabled

Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.

NetworkProfile

The network configuration profile.

NodeResourceGroup

The name of the resource group containing agent pool nodes.

OidcIssuerProfileEnabled

Whether the OIDC issuer is enabled.

OidcIssuerProfileIssuerUrl

The OIDC issuer url of the Managed Cluster.

PodIdentityProfileAllowNetworkPluginKubenet

Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See using Kubenet network plugin with AAD Pod Identity for more information.

PodIdentityProfileEnabled

Whether the pod identity addon is enabled.

PodIdentityProfileUserAssignedIdentity

The pod identities to use in the cluster.

PodIdentityProfileUserAssignedIdentityException

The pod identity exceptions to allow.

PowerStateCode

Tells whether the cluster is Running or Stopped

PrivateFqdn

The FQDN of private cluster.

PrivateLinkResource

Private link resources associated with the cluster.

ProvisioningState

The current provisioning state.

PublicNetworkAccess

Allow or deny public network access for AKS

SecurityMonitoringEnabled

Whether to enable Defender threat detection

ServicePrincipalProfileClientId

The ID for the service principal.

ServicePrincipalProfileSecret

The secret password associated with the service principal in plain text.

SnapshotControllerEnabled

Whether to enable Snapshot Controller. The default value is true.

SshPublicKey

The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.

WindowProfileAdminPassword
WindowProfileAdminUsername
WindowProfileEnableCsiProxy

For more details on CSI proxy, see the CSI proxy GitHub repo.

WindowProfileLicenseType

The license type to use for Windows VMs. See Azure Hybrid User Benefits for more details.

WorkloadIdentityEnabled

Whether to enable workload identity.

Methods

ToJson(JsonObject, SerializationMode) (Inherited from IJsonSerializable)

Applies to