Marketplace
BrowsePublish
Marketplace
You are viewing an outdated version of provider-azure.Go to Latest
upbound/provider-azure@v0.36.0
KubernetesCluster
containerservice.azure.upbound.io
KubernetesCluster
upbound/provider-azure@v0.36.0containerservice.azure.upbound.io

KubernetesCluster is the Schema for the KubernetesClusters API. Manages a managed Kubernetes Cluster (also known as AKS / Azure Kubernetes Service)

Type

CRD

Group

containerservice.azure.upbound.io

Version

v1beta1

apiVersion: containerservice.azure.upbound.io/v1beta1

kind: KubernetesCluster

API Documentation
apiVersion
string
kind
string
metadata
object
spec
object
object

KubernetesClusterSpec defines the desired state of KubernetesCluster

forProvider
requiredobject
requiredobject

No description provided.

array

A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

object

Reference to a Subnet in network to populate subnetName.

name
requiredstring
policy
object
object

Policies for referencing.

resolve
string
object

Selector for a Subnet in network to populate subnetName.

policy
object
object

Policies for selection.

resolve
string
array

An api_server_access_profile block as defined below.

array

Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].

subnetId
string
object

Reference to a Subnet in network to populate subnetId.

name
requiredstring
policy
object
object

Policies for referencing.

resolve
string
object

Selector for a Subnet in network to populate subnetId.

policy
object
object

Policies for selection.

resolve
string
array

Deprecated in favor of spec.forProvider.apiServerAccessProfile[0].authorizedIpRanges

array

A azure_active_directory_role_based_access_control block as defined below.

array

A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.

managed
boolean
object

The Server Secret of an Azure Active Directory Application.

key
requiredstring
name
requiredstring
namespace
requiredstring
tenantId
string
array

A confidential_computing block as defined below. For more details please the documentation

array

A default_node_pool block as defined below.

array

A kubelet_config block as defined below. Changing this forces a new resource to be created.

array

Specifies the allow list of unsafe sysctls command or patterns (ending in *). Changing this forces a new resource to be created.

podMaxPid
number
maxCount
number
maxPods
number
minCount
number
name
string
nodeCount
number
array

A node_network_profile block as documented below.

array

A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.

osSku
string
object

Reference to a Subnet in network to populate podSubnetId.

name
requiredstring
policy
object
object

Policies for referencing.

resolve
string
object

Selector for a Subnet in network to populate podSubnetId.

policy
object
object

Policies for selection.

resolve
string
tags
object
type
string
array

A upgrade_settings block as documented below.

maxSurge
string
vmSize
string
object

Reference to a Subnet in network to populate vnetSubnetId.

name
requiredstring
policy
object
object

Policies for referencing.

resolve
string
object

Selector for a Subnet in network to populate vnetSubnetId.

policy
object
object

Policies for selection.

resolve
string
zones
array
array

Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.

dnsPrefix
string
edgeZone
string
array

A http_proxy_config block as defined below.

httpProxy
string
noProxy
array
array

The list of domains that will not use the proxy for communication.

object

The base64 encoded alternative CA certificate content in PEM format.

key
requiredstring
name
requiredstring
namespace
requiredstring
array

An identity block as defined below. One of either identity or service_principal must be specified.

array

Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.

type
string
array

An ingress_application_gateway block as defined below.

gatewayId
string
subnetId
string
object

Reference to a Subnet in network to populate subnetId.

name
requiredstring
policy
object
object

Policies for referencing.

resolve
string
object

Selector for a Subnet in network to populate subnetId.

policy
object
object

Policies for selection.

resolve
string
array

A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

array

A key_vault_secrets_provider block as defined below.

array

A kubelet_identity block as defined below.

array

A linux_profile block as defined below.

sshKey
array
array

An ssh_key block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.

keyData
string
location
string
array

A maintenance_window block as defined below.

allowed
array
array

One or more allowed blocks as defined below.

day
string
hours
array
array

An array of hour slots in a day. For example, specifying 1 will allow maintenance from 1:00am to 2:00am. Specifying 1, 2 will allow maintenance from 1:00am to 3:00m. Possible values are between 0 and 23.

array

One or more not_allowed block as defined below.

end
string
start
string
array

A microsoft_defender block as defined below.

array

Specifies a Prometheus add-on profile for the Kubernetes Cluster. A monitor_metrics block as defined below.

array

A network_profile block as defined below.

array

Specifies a list of IP versions the Kubernetes Cluster will use to assign IP addresses to its nodes and pods. Possible values are IPv4 and/or IPv6. IPv4 must always be specified. Changing this forces a new resource to be created.

array

A load_balancer_profile block as defined below. This can only be specified when load_balancer_sku is set to standard. Changing this forces a new resource to be created.

array

The ID of the Public IP Addresses which should be used for outbound communication for the cluster load balancer.

array

The ID of the outbound Public IP Address Prefixes which should be used for the cluster load balancer.

array

A nat_gateway_profile block as defined below.

podCidr
string
array

A list of CIDRs to use for pod IP addresses. For single-stack networking a single IPv4 CIDR is expected. For dual-stack networking an IPv4 and IPv6 CIDR are expected. Changing this forces a new resource to be created.

array

A list of CIDRs to use for Kubernetes services. For single-stack networking a single IPv4 CIDR is expected. For dual-stack networking an IPv4 and IPv6 CIDR are expected. Changing this forces a new resource to be created.

array

An oms_agent block as defined below.

object

Reference to a PrivateDNSZone in network to populate privateDnsZoneId.

name
requiredstring
policy
object
object

Policies for referencing.

resolve
string
object

Selector for a PrivateDNSZone in network to populate privateDnsZoneId.

policy
object
object

Policies for selection.

resolve
string
object

Reference to a ResourceGroup in azure to populate resourceGroupName.

name
requiredstring
policy
object
object

Policies for referencing.

resolve
string
object

Selector for a ResourceGroup in azure to populate resourceGroupName.

policy
object
object

Policies for selection.

resolve
string
array

A service_mesh_profile block as defined below.

mode
string
array

A service_principal block as documented below. One of either identity or service_principal must be specified.

clientId
string
clientSecretSecretRef
requiredobject
requiredobject

The Client Secret for the Service Principal.

key
requiredstring
name
requiredstring
namespace
requiredstring
skuTier
string
array

A storage_profile block as defined below.

tags
object
array

A web_app_routing block as defined below.

dnsZoneId
string
array

A windows_profile block as defined below.

object

The Admin Password for Windows VMs. Length must be between 14 and 123 characters.

key
requiredstring
name
requiredstring
namespace
requiredstring
gmsa
array
array

A gmsa block as defined below.

license
string
array

A workload_autoscaler_profile block defined below.

object

THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. InitProvider holds the same fields as ForProvider, with the exception of Identifier and other resource reference fields. The fields that are in InitProvider are merged into ForProvider when the resource is created. The same fields are also added to the terraform ignore_changes hook, to avoid updating them after creation. This is useful for fields that are required on creation, but we do not desire to update them after creation, for example because of an external controller is managing them, like an autoscaler.

array

A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes.

array

An api_server_access_profile block as defined below.

array

Set of authorized IP ranges to allow access to API server, e.g. ["198.51.100.0/24"].

array

Deprecated in favor of spec.forProvider.apiServerAccessProfile[0].authorizedIpRanges

array

A azure_active_directory_role_based_access_control block as defined below.

array

A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster.

managed
boolean
tenantId
string
array

A confidential_computing block as defined below. For more details please the documentation

array

A default_node_pool block as defined below.

array

A kubelet_config block as defined below. Changing this forces a new resource to be created.

array

Specifies the allow list of unsafe sysctls command or patterns (ending in *). Changing this forces a new resource to be created.

podMaxPid
number
maxCount
number
maxPods
number
minCount
number
name
string
nodeCount
number
array

A node_network_profile block as documented below.

array

A list of the taints added to new nodes during node pool create and scale. Changing this forces a new resource to be created.

osSku
string
tags
object
type
string
array

A upgrade_settings block as documented below.

maxSurge
string
vmSize
string
zones
array
array

Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created.

dnsPrefix
string
edgeZone
string
array

A http_proxy_config block as defined below.

httpProxy
string
noProxy
array
array

The list of domains that will not use the proxy for communication.

array

An identity block as defined below. One of either identity or service_principal must be specified.

array

Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster.

type
string
array

An ingress_application_gateway block as defined below.

array

A key_management_service block as defined below. For more details, please visit Key Management Service (KMS) etcd encryption to an AKS cluster.

array

A key_vault_secrets_provider block as defined below.

array

A kubelet_identity block as defined below.

array

A linux_profile block as defined below.

sshKey
array
array

An ssh_key block. Only one is currently allowed. Changing this will update the key on all node pools. More information can be found in the documentation.

keyData
string
location
string
array

A maintenance_window block as defined below.

allowed
array
array

One or more allowed blocks as defined below.

day
string