github.com/crossplane/upjet@v1.3.0/pkg/registry/testdata/azure/pm.yaml (about) 1 # SPDX-FileCopyrightText: 2023 The Crossplane Authors <https://crossplane.io> 2 # 3 # SPDX-License-Identifier: Apache-2.0 4 5 name: test-provider 6 resources: 7 azurerm_aadb2c_directory: 8 subCategory: AAD B2C 9 description: Manages an AAD B2C Directory. 10 name: azurerm_aadb2c_directory 11 title: azurerm_aadb2c_directory 12 examples: 13 - name: example 14 manifest: |- 15 { 16 "country_code": "US", 17 "data_residency_location": "United States", 18 "display_name": "example-b2c-tenant", 19 "domain_name": "exampleb2ctenant.onmicrosoft.com", 20 "resource_group_name": "example-rg", 21 "sku_name": "PremiumP1" 22 } 23 argumentDocs: 24 billing_type: "- The type of billing for the AAD B2C tenant. Possible values include: MAU or Auths." 25 country_code: "- (Optional) Country code of the B2C tenant. The country_code should be valid for the specified data_residency_location. See official docs for valid country codes. Required when creating a new resource. Changing this forces a new AAD B2C Directory to be created." 26 data_residency_location: "- (Required) Location in which the B2C tenant is hosted and data resides. The data_residency_location should be valid for the specified country_code. See official docs for more information. Changing this forces a new AAD B2C Directory to be created." 27 display_name: "- (Optional) The initial display name of the B2C tenant. Required when creating a new resource. Changing this forces a new AAD B2C Directory to be created." 28 domain_name: "- (Required) Domain name of the B2C tenant, including the .onmicrosoft.com suffix. Changing this forces a new AAD B2C Directory to be created." 29 effective_start_date: "- The date from which the billing type took effect. May not be populated until after the first billing cycle." 30 id: "- The ID of the AAD B2C Directory." 31 resource_group_name: "- (Required) The name of the Resource Group where the AAD B2C Directory should exist. Changing this forces a new AAD B2C Directory to be created." 32 sku_name: "- (Required) Billing SKU for the B2C tenant. Must be one of: PremiumP1 or PremiumP2 (Standard is not supported). See official docs for more information." 33 tags: "- (Optional) A mapping of tags which should be assigned to the AAD B2C Directory." 34 tenant_id: "- The Tenant ID for the AAD B2C tenant." 35 timeouts.create: "- (Defaults to 30 minutes) Used when creating the AAD B2C Directory." 36 timeouts.delete: "- (Defaults to 30 minutes) Used when deleting the AAD B2C Directory." 37 timeouts.read: "- (Defaults to 5 minutes) Used when retrieving the AAD B2C Directory." 38 timeouts.update: "- (Defaults to 30 minutes) Used when updating the AAD B2C Directory." 39 importStatements: 40 - terraform import azurerm_aadb2c_directory.example /subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/example-resource-group/providers/Microsoft.AzureActiveDirectory/b2cDirectories/directory-name 41 azurerm_attestation_provider: 42 subCategory: Attestation 43 description: Manages a Attestation Provider. 44 name: azurerm_attestation_provider 45 title: azurerm_attestation 46 examples: 47 - name: example 48 manifest: |- 49 { 50 "location": "${azurerm_resource_group.example.location}", 51 "name": "example-attestationprovider", 52 "policy_signing_certificate_data": "${file(\"./example/cert.pem\")}", 53 "resource_group_name": "${azurerm_resource_group.example.name}" 54 } 55 references: 56 location: azurerm_resource_group.example.location 57 resource_group_name: azurerm_resource_group.example.name 58 dependencies: 59 azurerm_resource_group.example: |- 60 { 61 "location": "West Europe", 62 "name": "example-resources" 63 } 64 argumentDocs: 65 attestation_uri: "- The URI of the Attestation Service." 66 id: "- The ID of the Attestation Provider." 67 location: "- (Required) The Azure Region where the Attestation Provider should exist. Changing this forces a new resource to be created." 68 name: "- (Required) The name which should be used for this Attestation Provider. Changing this forces a new resource to be created." 69 policy_signing_certificate_data: "- (Optional) A valid X.509 certificate (Section 4 of RFC4648). Changing this forces a new resource to be created." 70 resource_group_name: "- (Required) The name of the Resource Group where the attestation provider should exist. Changing this forces a new resource to be created." 71 tags: "- (Optional) A mapping of tags which should be assigned to the Attestation Provider." 72 timeouts.create: "- (Defaults to 30 minutes) Used when creating the Attestation Provider." 73 timeouts.delete: "- (Defaults to 30 minutes) Used when deleting the Attestation Provider." 74 timeouts.read: "- (Defaults to 5 minutes) Used when retrieving the Attestation Provider." 75 timeouts.update: "- (Defaults to 30 minutes) Used when updating the Attestation Provider." 76 trust_model: "- Trust model used for the Attestation Service." 77 importStatements: 78 - terraform import azurerm_attestation_provider.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Attestation/attestationProviders/provider1 79 azurerm_kubernetes_cluster: 80 subCategory: Container 81 description: Manages a managed Kubernetes Cluster (also known as AKS / Azure Kubernetes Service) 82 name: azurerm_kubernetes_cluster 83 title: azurerm_kubernetes_cluster 84 examples: 85 - name: example 86 manifest: |- 87 { 88 "default_node_pool": [ 89 { 90 "name": "default", 91 "node_count": 1, 92 "vm_size": "Standard_D2_v2" 93 } 94 ], 95 "dns_prefix": "exampleaks1", 96 "identity": [ 97 { 98 "type": "SystemAssigned" 99 } 100 ], 101 "location": "${azurerm_resource_group.example.location}", 102 "name": "example-aks1", 103 "resource_group_name": "${azurerm_resource_group.example.name}", 104 "tags": { 105 "Environment": "Production" 106 } 107 } 108 references: 109 location: azurerm_resource_group.example.location 110 resource_group_name: azurerm_resource_group.example.name 111 dependencies: 112 azurerm_resource_group.example: |- 113 { 114 "location": "West Europe", 115 "name": "example-resources" 116 } 117 argumentDocs: 118 aci_connector_linux.subnet_name: "- (Required) The subnet name for the virtual nodes to run." 119 allowed.day: "- (Required) A day in a week. Possible values are Sunday, Monday, Tuesday, Wednesday, Thursday, Friday and Saturday." 120 allowed.hours: "- (Required) An array of hour slots in a day. For example, specifying 1 will allow maintenance from 1:00am to 2:00am. Specifying 1, 2 will allow maintenance from 1:00am to 3:00m. Possible values are between 0 and 23." 121 auto_scaler_profile.balance_similar_node_groups: "- Detect similar node groups and balance the number of nodes between them. Defaults to false." 122 auto_scaler_profile.empty_bulk_delete_max: "- Maximum number of empty nodes that can be deleted at the same time. Defaults to 10." 123 auto_scaler_profile.expander: "- Expander to use. Possible values are least-waste, priority, most-pods and random. Defaults to random." 124 auto_scaler_profile.max_graceful_termination_sec: "- Maximum number of seconds the cluster autoscaler waits for pod termination when trying to scale down a node. Defaults to 600." 125 auto_scaler_profile.max_node_provisioning_time: "- Maximum time the autoscaler waits for a node to be provisioned. Defaults to 15m." 126 auto_scaler_profile.max_unready_nodes: "- Maximum Number of allowed unready nodes. Defaults to 3." 127 auto_scaler_profile.max_unready_percentage: "- Maximum percentage of unready nodes the cluster autoscaler will stop if the percentage is exceeded. Defaults to 45." 128 auto_scaler_profile.new_pod_scale_up_delay: "- For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. Defaults to 10s." 129 auto_scaler_profile.scale_down_delay_after_add: "- How long after the scale up of AKS nodes the scale down evaluation resumes. Defaults to 10m." 130 auto_scaler_profile.scale_down_delay_after_delete: "- How long after node deletion that scale down evaluation resumes. Defaults to the value used for scan_interval." 131 auto_scaler_profile.scale_down_delay_after_failure: "- How long after scale down failure that scale down evaluation resumes. Defaults to 3m." 132 auto_scaler_profile.scale_down_unneeded: "- How long a node should be unneeded before it is eligible for scale down. Defaults to 10m." 133 auto_scaler_profile.scale_down_unready: "- How long an unready node should be unneeded before it is eligible for scale down. Defaults to 20m." 134 auto_scaler_profile.scale_down_utilization_threshold: "- Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down. Defaults to 0.5." 135 auto_scaler_profile.scan_interval: "- How often the AKS Cluster should be re-evaluated for scale up/down. Defaults to 10s." 136 auto_scaler_profile.skip_nodes_with_local_storage: "- If true cluster autoscaler will never delete nodes with pods with local storage, for example, EmptyDir or HostPath. Defaults to true." 137 auto_scaler_profile.skip_nodes_with_system_pods: "- If true cluster autoscaler will never delete nodes with pods from kube-system (except for DaemonSet or mirror pods). Defaults to true." 138 azure_active_directory_role_based_access_control.admin_group_object_ids: "- (Optional) A list of Object IDs of Azure Active Directory Groups which should have Admin Role on the Cluster." 139 azure_active_directory_role_based_access_control.azure_rbac_enabled: "- (Optional) Is Role Based Access Control based on Azure AD enabled?" 140 azure_active_directory_role_based_access_control.client_app_id: "- (Required) The Client ID of an Azure Active Directory Application." 141 azure_active_directory_role_based_access_control.managed: "- (Optional) Is the Azure Active Directory integration Managed, meaning that Azure will create/manage the Service Principal used for integration." 142 azure_active_directory_role_based_access_control.server_app_id: "- (Required) The Server ID of an Azure Active Directory Application." 143 azure_active_directory_role_based_access_control.server_app_secret: "- (Required) The Server Secret of an Azure Active Directory Application." 144 azure_active_directory_role_based_access_control.tenant_id: "- (Optional) The Tenant ID used for Azure Active Directory Application. If this isn't specified the Tenant ID of the current Subscription is used." 145 default_node_pool: "- (Required) A default_node_pool block as defined below." 146 default_node_pool.enable_auto_scaling: "- (Optional) Should the Kubernetes Auto Scaler be enabled for this Node Pool? Defaults to false." 147 default_node_pool.enable_host_encryption: "- (Optional) Should the nodes in the Default Node Pool have host encryption enabled? Defaults to false." 148 default_node_pool.enable_node_public_ip: "- (Optional) Should nodes in this Node Pool have a Public IP Address? Defaults to false. Changing this forces a new resource to be created." 149 default_node_pool.fips_enabled: "- (Optional) Should the nodes in this Node Pool have Federal Information Processing Standard enabled? Changing this forces a new resource to be created." 150 default_node_pool.kubelet_config: "- (Optional) A kubelet_config block as defined below." 151 default_node_pool.kubelet_disk_type: "- (Optional) The type of disk used by kubelet. Possible values are OS and Temporary." 152 default_node_pool.linux_os_config: "- (Optional) A linux_os_config block as defined below." 153 default_node_pool.max_count: "- (Required) The maximum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000." 154 default_node_pool.max_pods: "- (Optional) The maximum number of pods that can run on each agent. Changing this forces a new resource to be created." 155 default_node_pool.min_count: "- (Required) The minimum number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000." 156 default_node_pool.name: "- (Required) The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created." 157 default_node_pool.node_count: "- (Optional) The initial number of nodes which should exist in this Node Pool. If specified this must be between 1 and 1000 and between min_count and max_count." 158 default_node_pool.node_labels: "- (Optional) A map of Kubernetes labels which should be applied to nodes in the Default Node Pool." 159 default_node_pool.node_public_ip_prefix_id: "- (Optional) Resource ID for the Public IP Addresses Prefix for the nodes in this Node Pool. enable_node_public_ip should be true. Changing this forces a new resource to be created." 160 default_node_pool.only_critical_addons_enabled: "- (Optional) Enabling this option will taint default node pool with CriticalAddonsOnly=true:NoSchedule taint. Changing this forces a new resource to be created." 161 default_node_pool.orchestrator_version: "- (Optional) Version of Kubernetes used for the Agents. If not specified, the default node pool will be created with the version specified by kubernetes_version. If both are unspecified, the latest recommended version will be used at provisioning time (but won't auto-upgrade)" 162 default_node_pool.os_disk_size_gb: "- (Optional) The size of the OS Disk which should be used for each agent in the Node Pool. Changing this forces a new resource to be created." 163 default_node_pool.os_disk_type: "- (Optional) The type of disk which should be used for the Operating System. Possible values are Ephemeral and Managed. Defaults to Managed. Changing this forces a new resource to be created." 164 default_node_pool.os_sku: "- (Optional) OsSKU to be used to specify Linux OSType. Not applicable to Windows OSType. Possible values include: Ubuntu, CBLMariner. Defaults to Ubuntu. Changing this forces a new resource to be created." 165 default_node_pool.pod_subnet_id: "- (Optional) The ID of the Subnet where the pods in the default Node Pool should exist. Changing this forces a new resource to be created." 166 default_node_pool.tags: "- (Optional) A mapping of tags to assign to the Node Pool." 167 default_node_pool.type: "- (Optional) The type of Node Pool which should be created. Possible values are AvailabilitySet and VirtualMachineScaleSets. Defaults to VirtualMachineScaleSets." 168 default_node_pool.ultra_ssd_enabled: "- (Optional) Used to specify whether the UltraSSD is enabled in the Default Node Pool. Defaults to false. See the documentation for more information." 169 default_node_pool.upgrade_settings: "- (Optional) A upgrade_settings block as documented below." 170 default_node_pool.vm_size: "- (Required) The size of the Virtual Machine, such as Standard_DS2_v2. Changing this forces a new resource to be created." 171 default_node_pool.vnet_subnet_id: "- (Optional) The ID of a Subnet where the Kubernetes Node Pool should exist. Changing this forces a new resource to be created." 172 default_node_pool.zones: "- (Optional) Specifies a list of Availability Zones in which this Kubernetes Cluster should be located. Changing this forces a new Kubernetes Cluster to be created." 173 dns_prefix: "- (Optional) DNS prefix specified when creating the managed cluster. Changing this forces a new resource to be created." 174 dns_prefix_private_cluster: "- (Optional) Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created." 175 fqdn: "- The FQDN of the Azure Kubernetes Managed Cluster." 176 http_application_routing_zone_name: "- The Zone Name of the HTTP Application Routing." 177 http_proxy_config.http_proxy: "- (Optional) The proxy address to be used when communicating over HTTP." 178 http_proxy_config.https_proxy: "- (Optional) The proxy address to be used when communicating over HTTPS." 179 http_proxy_config.no_proxy: "- (Optional) The list of domains that will not use the proxy for communication." 180 http_proxy_config.trusted_ca: "- (Optional) The base64 encoded alternative CA certificate content in PEM format." 181 id: "- The Kubernetes Managed Cluster ID." 182 identity.aci_connector_linux: "- (Optional) A aci_connector_linux block as defined below. For more details, please visit Create and configure an AKS cluster to use virtual nodes." 183 identity.api_server_authorized_ip_ranges: "- (Optional) The IP ranges to allow for incoming traffic to the server nodes." 184 identity.auto_scaler_profile: "- (Optional) A auto_scaler_profile block as defined below." 185 identity.automatic_channel_upgrade: "- (Optional) The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none." 186 identity.azure_active_directory_role_based_access_control: "- (Optional) - A azure_active_directory_role_based_access_control block as defined below." 187 identity.azure_policy_enabled: "- (Optional) Should the Azure Policy Add-On be enabled? For more details please visit Understand Azure Policy for Azure Kubernetes Service" 188 identity.disk_encryption_set_id: "- (Optional) The ID of the Disk Encryption Set which should be used for the Nodes and Volumes. More information can be found in the documentation." 189 identity.http_application_routing_enabled: "- (Optional) Should HTTP Application Routing be enabled?" 190 identity.http_proxy_config: "- (Optional) A http_proxy_config block as defined below." 191 identity.identity: "- (Optional) An identity block as defined below. One of either identity or service_principal must be specified." 192 identity.identity_ids: "- (Optional) Specifies a list of User Assigned Managed Identity IDs to be assigned to this Kubernetes Cluster." 193 identity.ingress_application_gateway: "- (Optional) A ingress_application_gateway block as defined below." 194 identity.key_vault_secrets_provider: "- (Optional) A key_vault_secrets_provider block as defined below. For more details, please visit Azure Keyvault Secrets Provider for AKS." 195 identity.kubelet_identity: "- A kubelet_identity block as defined below. Changing this forces a new resource to be created." 196 identity.kubernetes_version: "- (Optional) Version of Kubernetes specified when creating the AKS managed cluster. If not specified, the latest recommended version will be used at provisioning time (but won't auto-upgrade)." 197 identity.linux_profile: "- (Optional) A linux_profile block as defined below." 198 identity.local_account_disabled: "- (Optional) - If true local accounts will be disabled. Defaults to false. See the documentation for more information." 199 identity.maintenance_window: "- (Optional) A maintenance_window block as defined below." 200 identity.microsoft_defender: "- (Optional) A microsoft_defender block as defined below." 201 identity.network_profile: "- (Optional) A network_profile block as defined below." 202 identity.node_resource_group: "- (Optional) The name of the Resource Group where the Kubernetes Nodes should exist. Changing this forces a new resource to be created." 203 identity.oidc_issuer_enabled: "- (Required) Enable or Disable the OIDC issuer URL" 204 identity.oms_agent: "- (Optional) A oms_agent block as defined below." 205 identity.open_service_mesh_enabled: "- (Optional) Is Open Service Mesh enabled? For more details, please visit Open Service Mesh for AKS." 206 identity.principal_id: "- The Principal ID associated with this Managed Service Identity." 207 identity.private_cluster_enabled: "- (Optional) Should this Kubernetes Cluster have its API server only exposed on internal IP addresses? This provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. Defaults to false. Changing this forces a new resource to be created." 208 identity.private_cluster_public_fqdn_enabled: "- (Optional) Specifies whether a Public FQDN for this Private Cluster should be added. Defaults to false." 209 identity.private_dns_zone_id: "- (Optional) Either the ID of Private DNS Zone which should be delegated to this Cluster, System to have AKS manage this or None. In case of None you will need to bring your own DNS server and set up resolving, otherwise cluster will have issues after provisioning. Changing this forces a new resource to be created." 210 identity.role_based_access_control_enabled: (Optional) - Whether Role Based Access Control for the Kubernetes Cluster should be enabled. Defaults to true. Changing this forces a new resource to be created. 211 identity.run_command_enabled: "- (Optional) Whether to enable run command for the cluster or not. Defaults to true." 212 identity.service_principal: "- (Optional) A service_principal block as documented below. One of either identity or service_principal must be specified." 213 identity.sku_tier: "- (Optional) The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free and Paid (which includes the Uptime SLA). Defaults to Free." 214 identity.tags: "- (Optional) A mapping of tags to assign to the resource." 215 identity.tenant_id: "- The Tenant ID associated with this Managed Service Identity." 216 identity.type: "- (Required) Specifies the type of Managed Service Identity that should be configured on this Kubernetes Cluster. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both)." 217 identity.windows_profile: "- (Optional) A windows_profile block as defined below." 218 ingress_application_gateway.effective_gateway_id: "- The ID of the Application Gateway associated with the ingress controller deployed to this Kubernetes Cluster." 219 ingress_application_gateway.gateway_id: "- (Optional) The ID of the Application Gateway to integrate with the ingress controller of this Kubernetes Cluster. See this page for further details." 220 ingress_application_gateway.gateway_name: "- (Optional) The name of the Application Gateway to be used or created in the Nodepool Resource Group, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details." 221 ingress_application_gateway.ingress_application_gateway_identity: "- An ingress_application_gateway_identity block is exported. The exported attributes are defined below." 222 ingress_application_gateway.subnet_cidr: "- (Optional) The subnet CIDR to be used to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details." 223 ingress_application_gateway.subnet_id: "- (Optional) The ID of the subnet on which to create an Application Gateway, which in turn will be integrated with the ingress controller of this Kubernetes Cluster. See this page for further details." 224 ingress_application_gateway_identity.client_id: "- The Client ID of the user-defined Managed Identity used by the Application Gateway." 225 ingress_application_gateway_identity.object_id: "- The Object ID of the user-defined Managed Identity used by the Application Gateway." 226 ingress_application_gateway_identity.user_assigned_identity_id: "- The ID of the User Assigned Identity used by the Application Gateway." 227 key_vault_secrets_provider.secret_identity: "- An secret_identity block is exported. The exported attributes are defined below." 228 key_vault_secrets_provider.secret_identity.client_id: "- The Client ID of the user-defined Managed Identity used by the Secret Provider." 229 key_vault_secrets_provider.secret_identity.object_id: "- The Object ID of the user-defined Managed Identity used by the Secret Provider." 230 key_vault_secrets_provider.secret_identity.user_assigned_identity_id: "- The ID of the User Assigned Identity used by the Secret Provider." 231 key_vault_secrets_provider.secret_rotation_enabled: "- (Required) Is secret rotation enabled?" 232 key_vault_secrets_provider.secret_rotation_interval: "- (Required) The interval to poll for secret rotation. This attribute is only set when secret_rotation is true and defaults to 2m." 233 kube_admin_config: "- A kube_admin_config block as defined below. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled." 234 kube_admin_config.client_certificate: "- Base64 encoded public certificate used by clients to authenticate to the Kubernetes cluster." 235 kube_admin_config.client_key: "- Base64 encoded private key used by clients to authenticate to the Kubernetes cluster." 236 kube_admin_config.cluster_ca_certificate: "- Base64 encoded public CA certificate used as the root of trust for the Kubernetes cluster." 237 kube_admin_config.host: "- The Kubernetes cluster server host." 238 kube_admin_config.password: "- A password or token used to authenticate to the Kubernetes cluster." 239 kube_admin_config.username: "- A username used to authenticate to the Kubernetes cluster." 240 kube_admin_config_raw: "- Raw Kubernetes config for the admin account to be used by kubectl and other compatible tools. This is only available when Role Based Access Control with Azure Active Directory is enabled and local accounts enabled." 241 kube_config: "- A kube_config block as defined below." 242 kube_config_raw: "- Raw Kubernetes config to be used by kubectl and other compatible tools." 243 kubelet_config.allowed_unsafe_sysctls: "- (Optional) Specifies the allow list of unsafe sysctls command or patterns (ending in *). Changing this forces a new resource to be created." 244 kubelet_config.container_log_max_line: "- (Optional) Specifies the maximum number of container log files that can be present for a container. must be at least 2. Changing this forces a new resource to be created." 245 kubelet_config.container_log_max_size_mb: "- (Optional) Specifies the maximum size (e.g. 10MB) of container log file before it is rotated. Changing this forces a new resource to be created." 246 kubelet_config.cpu_cfs_quota_enabled: "- (Optional) Is CPU CFS quota enforcement for containers enabled? Changing this forces a new resource to be created." 247 kubelet_config.cpu_cfs_quota_period: "- (Optional) Specifies the CPU CFS quota period value. Changing this forces a new resource to be created." 248 kubelet_config.cpu_manager_policy: "- (Optional) Specifies the CPU Manager policy to use. Possible values are none and static, Changing this forces a new resource to be created." 249 kubelet_config.image_gc_high_threshold: "- (Optional) Specifies the percent of disk usage above which image garbage collection is always run. Must be between 0 and 100. Changing this forces a new resource to be created." 250 kubelet_config.image_gc_low_threshold: "- (Optional) Specifies the percent of disk usage lower than which image garbage collection is never run. Must be between 0 and 100. Changing this forces a new resource to be created." 251 kubelet_config.pod_max_pid: "- (Optional) Specifies the maximum number of processes per pod. Changing this forces a new resource to be created." 252 kubelet_config.topology_manager_policy: "- (Optional) Specifies the Topology Manager policy to use. Possible values are none, best-effort, restricted or single-numa-node. Changing this forces a new resource to be created." 253 kubelet_identity.client_id: "- (Required) The Client ID of the user-defined Managed Identity to be assigned to the Kubelets. If not specified a Managed Identity is created automatically." 254 kubelet_identity.object_id: "- (Required) The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically." 255 kubelet_identity.user_assigned_identity_id: "- (Required) The ID of the User Assigned Identity assigned to the Kubelets. If not specified a Managed Identity is created automatically." 256 linux_os_config.swap_file_size_mb: "- (Optional) Specifies the size of swap file on each node in MB. Changing this forces a new resource to be created." 257 linux_os_config.sysctl_config: "- (Optional) A sysctl_config block as defined below. Changing this forces a new resource to be created." 258 linux_os_config.transparent_huge_page_defrag: "- (Optional) specifies the defrag configuration for Transparent Huge Page. Possible values are always, defer, defer+madvise, madvise and never. Changing this forces a new resource to be created." 259 linux_os_config.transparent_huge_page_enabled: "- (Optional) Specifies the Transparent Huge Page enabled configuration. Possible values are always, madvise and never. Changing this forces a new resource to be created." 260 linux_profile.admin_username: "- (Required) The Admin Username for the Cluster. Changing this forces a new resource to be created." 261 linux_profile.ssh_key: "- (Required) An ssh_key block. Only one is currently allowed. Changing this forces a new resource to be created." 262 load_balancer_profile.effective_outbound_ips: "- The outcome (resource IDs) of the specified arguments." 263 load_balancer_profile.idle_timeout_in_minutes: "- (Optional) Desired outbound flow idle timeout in minutes for the cluster load balancer. Must be between 4 and 120 inclusive. Defaults to 30." 264 load_balancer_profile.managed_outbound_ip_count: "- (Optional) Count of desired managed outbound IPs for the cluster load balancer. Must be between 1 and 100 inclusive." 265 load_balancer_profile.outbound_ip_address_ids: "- (Optional) The ID of the Public IP Addresses which should be used for outbound communication for the cluster load balancer." 266 load_balancer_profile.outbound_ip_prefix_ids: "- (Optional) The ID of the outbound Public IP Address Prefixes which should be used for the cluster load balancer." 267 load_balancer_profile.outbound_ports_allocated: "- (Optional) Number of desired SNAT port for each VM in the clusters load balancer. Must be between 0 and 64000 inclusive. Defaults to 0." 268 location: "- (Required) The location where the Managed Kubernetes Cluster should be created. Changing this forces a new resource to be created." 269 maintenance_window.allowed: "- (Optional) One or more allowed block as defined below." 270 maintenance_window.not_allowed: "- (Optional) One or more not_allowed block as defined below." 271 microsoft_defender.log_analytics_workspace_id: "- (Required) Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to." 272 name: "- (Required) The name of the Managed Kubernetes Cluster to create. Changing this forces a new resource to be created." 273 nat_gateway_profile.effective_outbound_ips: "- The outcome (resource IDs) of the specified arguments." 274 nat_gateway_profile.idle_timeout_in_minutes: "- (Optional) Desired outbound flow idle timeout in minutes for the cluster load balancer. Must be between 4 and 120 inclusive. Defaults to 4." 275 nat_gateway_profile.managed_outbound_ip_count: "- (Optional) Count of desired managed outbound IPs for the cluster load balancer. Must be between 1 and 100 inclusive." 276 network_profile.network_plugin: "- (Required) Network plugin to use for networking. Currently supported values are azure, kubenet and none. Changing this forces a new resource to be created." 277 network_profile.network_plugin.dns_service_ip: "- (Optional) IP address within the Kubernetes service address range that will be used by cluster service discovery (kube-dns). Changing this forces a new resource to be created." 278 network_profile.network_plugin.docker_bridge_cidr: "- (Optional) IP address (in CIDR notation) used as the Docker bridge IP address on nodes. Changing this forces a new resource to be created." 279 network_profile.network_plugin.ip_versions: "- (Optional) Specifies a list of IP versions the Kubernetes Cluster will use to assign IP addresses to its nodes and pods. Possible values are IPv4 and/or IPv6. IPv4 must always be specified. Changing this forces a new resource to be created." 280 network_profile.network_plugin.load_balancer_profile: "- (Optional) A load_balancer_profile block. This can only be specified when load_balancer_sku is set to standard." 281 network_profile.network_plugin.load_balancer_sku: "- (Optional) Specifies the SKU of the Load Balancer used for this Kubernetes Cluster. Possible values are basic and standard. Defaults to standard." 282 network_profile.network_plugin.nat_gateway_profile: "- (Optional) A nat_gateway_profile block. This can only be specified when load_balancer_sku is set to standard and outbound_type is set to managedNATGateway or userAssignedNATGateway." 283 network_profile.network_plugin.network_mode: "- (Optional) Network mode to be used with Azure CNI. Possible values are bridge and transparent. Changing this forces a new resource to be created." 284 network_profile.network_plugin.network_policy: "- (Optional) Sets up network policy to be used with Azure CNI. Network policy allows us to control the traffic flow between pods. Currently supported values are calico and azure. Changing this forces a new resource to be created." 285 network_profile.network_plugin.outbound_type: "- (Optional) The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are loadBalancer, userDefinedRouting, managedNATGateway and userAssignedNATGateway. Defaults to loadBalancer." 286 network_profile.network_plugin.pod_cidr: "- (Optional) The CIDR to use for pod IP addresses. This field can only be set when network_plugin is set to kubenet. Changing this forces a new resource to be created." 287 network_profile.network_plugin.service_cidr: "- (Optional) The Network Range used by the Kubernetes service. Changing this forces a new resource to be created." 288 node_resource_group: "- The auto-generated Resource Group which contains the resources for this Managed Kubernetes Cluster." 289 not_allowed.end: "- (Required) The end of a time span, formatted as an RFC3339 string." 290 not_allowed.start: "- (Required) The start of a time span, formatted as an RFC3339 string." 291 oidc_issuer_url: "- The OIDC issuer URL that is associated with the cluster." 292 oms_agent.log_analytics_workspace_id: "- (Required) The ID of the Log Analytics Workspace which the OMS Agent should send data to." 293 oms_agent.oms_agent_identity: "- An oms_agent_identity block is exported. The exported attributes are defined below." 294 oms_agent.oms_agent_identity.client_id: "- The Client ID of the user-defined Managed Identity used by the OMS Agents." 295 oms_agent.oms_agent_identity.object_id: "- The Object ID of the user-defined Managed Identity used by the OMS Agents." 296 oms_agent.oms_agent_identity.user_assigned_identity_id: "- The ID of the User Assigned Identity used by the OMS Agents." 297 portal_fqdn: "- The FQDN for the Azure Portal resources when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster." 298 private_fqdn: "- The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster." 299 resource_group_name: "- (Required) Specifies the Resource Group where the Managed Kubernetes Cluster should exist. Changing this forces a new resource to be created." 300 service_principal.client_id: "- (Required) The Client ID for the Service Principal." 301 service_principal.client_secret: "- (Required) The Client Secret for the Service Principal." 302 ssh_key.key_data: "- (Required) The Public SSH Key used to access the cluster. Changing this forces a new resource to be created." 303 sysctl_config.fs_aio_max_nr: "- (Optional) The sysctl setting fs.aio-max-nr. Must be between 65536 and 6553500. Changing this forces a new resource to be created." 304 sysctl_config.fs_file_max: "- (Optional) The sysctl setting fs.file-max. Must be between 8192 and 12000500. Changing this forces a new resource to be created." 305 sysctl_config.fs_inotify_max_user_watches: "- (Optional) The sysctl setting fs.inotify.max_user_watches. Must be between 781250 and 2097152. Changing this forces a new resource to be created." 306 sysctl_config.fs_nr_open: "- (Optional) The sysctl setting fs.nr_open. Must be between 8192 and 20000500. Changing this forces a new resource to be created." 307 sysctl_config.kernel_threads_max: "- (Optional) The sysctl setting kernel.threads-max. Must be between 20 and 513785. Changing this forces a new resource to be created." 308 sysctl_config.net_core_netdev_max_backlog: "- (Optional) The sysctl setting net.core.netdev_max_backlog. Must be between 1000 and 3240000. Changing this forces a new resource to be created." 309 sysctl_config.net_core_optmem_max: "- (Optional) The sysctl setting net.core.optmem_max. Must be between 20480 and 4194304. Changing this forces a new resource to be created." 310 sysctl_config.net_core_rmem_default: "- (Optional) The sysctl setting net.core.rmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created." 311 sysctl_config.net_core_rmem_max: "- (Optional) The sysctl setting net.core.rmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created." 312 sysctl_config.net_core_somaxconn: "- (Optional) The sysctl setting net.core.somaxconn. Must be between 4096 and 3240000. Changing this forces a new resource to be created." 313 sysctl_config.net_core_wmem_default: "- (Optional) The sysctl setting net.core.wmem_default. Must be between 212992 and 134217728. Changing this forces a new resource to be created." 314 sysctl_config.net_core_wmem_max: "- (Optional) The sysctl setting net.core.wmem_max. Must be between 212992 and 134217728. Changing this forces a new resource to be created." 315 sysctl_config.net_ipv4_ip_local_port_range_max: "- (Optional) The sysctl setting net.ipv4.ip_local_port_range max value. Must be between 1024 and 60999. Changing this forces a new resource to be created." 316 sysctl_config.net_ipv4_ip_local_port_range_min: "- (Optional) The sysctl setting net.ipv4.ip_local_port_range min value. Must be between 1024 and 60999. Changing this forces a new resource to be created." 317 sysctl_config.net_ipv4_neigh_default_gc_thresh1: "- (Optional) The sysctl setting net.ipv4.neigh.default.gc_thresh1. Must be between 128 and 80000. Changing this forces a new resource to be created." 318 sysctl_config.net_ipv4_neigh_default_gc_thresh2: "- (Optional) The sysctl setting net.ipv4.neigh.default.gc_thresh2. Must be between 512 and 90000. Changing this forces a new resource to be created." 319 sysctl_config.net_ipv4_neigh_default_gc_thresh3: "- (Optional) The sysctl setting net.ipv4.neigh.default.gc_thresh3. Must be between 1024 and 100000. Changing this forces a new resource to be created." 320 sysctl_config.net_ipv4_tcp_fin_timeout: "- (Optional) The sysctl setting net.ipv4.tcp_fin_timeout. Must be between 5 and 120. Changing this forces a new resource to be created." 321 sysctl_config.net_ipv4_tcp_keepalive_intvl: "- (Optional) The sysctl setting net.ipv4.tcp_keepalive_intvl. Must be between 10 and 75. Changing this forces a new resource to be created." 322 sysctl_config.net_ipv4_tcp_keepalive_probes: "- (Optional) The sysctl setting net.ipv4.tcp_keepalive_probes. Must be between 1 and 15. Changing this forces a new resource to be created." 323 sysctl_config.net_ipv4_tcp_keepalive_time: "- (Optional) The sysctl setting net.ipv4.tcp_keepalive_time. Must be between 30 and 432000. Changing this forces a new resource to be created." 324 sysctl_config.net_ipv4_tcp_max_syn_backlog: "- (Optional) The sysctl setting net.ipv4.tcp_max_syn_backlog. Must be between 128 and 3240000. Changing this forces a new resource to be created." 325 sysctl_config.net_ipv4_tcp_max_tw_buckets: "- (Optional) The sysctl setting net.ipv4.tcp_max_tw_buckets. Must be between 8000 and 1440000. Changing this forces a new resource to be created." 326 sysctl_config.net_ipv4_tcp_tw_reuse: "- (Optional) The sysctl setting net.ipv4.tcp_tw_reuse. Changing this forces a new resource to be created." 327 sysctl_config.net_netfilter_nf_conntrack_buckets: "- (Optional) The sysctl setting net.netfilter.nf_conntrack_buckets. Must be between 65536 and 147456. Changing this forces a new resource to be created." 328 sysctl_config.net_netfilter_nf_conntrack_max: "- (Optional) The sysctl setting net.netfilter.nf_conntrack_max. Must be between 131072 and 1048576. Changing this forces a new resource to be created." 329 sysctl_config.vm_max_map_count: "- (Optional) The sysctl setting vm.max_map_count. Must be between 65530 and 262144. Changing this forces a new resource to be created." 330 sysctl_config.vm_swappiness: "- (Optional) The sysctl setting vm.swappiness. Must be between 0 and 100. Changing this forces a new resource to be created." 331 sysctl_config.vm_vfs_cache_pressure: "- (Optional) The sysctl setting vm.vfs_cache_pressure. Must be between 0 and 100. Changing this forces a new resource to be created." 332 timeouts.create: "- (Defaults to 90 minutes) Used when creating the Kubernetes Cluster." 333 timeouts.delete: "- (Defaults to 90 minutes) Used when deleting the Kubernetes Cluster." 334 timeouts.read: "- (Defaults to 5 minutes) Used when retrieving the Kubernetes Cluster." 335 timeouts.update: "- (Defaults to 90 minutes) Used when updating the Kubernetes Cluster." 336 upgrade_settings.max_surge: "- (Required) The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade." 337 windows_profile.admin_password: "- (Required) The Admin Password for Windows VMs. Length must be between 14 and 123 characters." 338 windows_profile.admin_username: "- (Required) The Admin Username for Windows VMs." 339 windows_profile.license: "- (Optional) Specifies the type of on-premise license which should be used for Node Pool Windows Virtual Machine. At this time the only possible value is Windows_Server." 340 importStatements: 341 - terraform import azurerm_kubernetes_cluster.cluster1 /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/group1/providers/Microsoft.ContainerService/managedClusters/cluster1