sigs.k8s.io/cluster-api-provider-azure@v1.14.3/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanes.yaml

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.13.0
  name: azuremanagedcontrolplanes.infrastructure.cluster.x-k8s.io
spec:
  group: infrastructure.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: AzureManagedControlPlane
    listKind: AzureManagedControlPlaneList
    plural: azuremanagedcontrolplanes
    shortNames:
    - amcp
    singular: azuremanagedcontrolplane
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - description: Cluster to which this AzureManagedControlPlane belongs
      jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
      name: Cluster
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].status
      name: Ready
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].severity
      name: Severity
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].reason
      name: Reason
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].message
      name: Message
      priority: 1
      type: string
    - description: Time duration since creation of this AzureManagedControlPlane
      jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v1beta1
    schema:
      openAPIV3Schema:
        description: AzureManagedControlPlane is the Schema for the azuremanagedcontrolplanes
          API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: AzureManagedControlPlaneSpec defines the desired state of
              AzureManagedControlPlane.
            properties:
              aadProfile:
                description: AadProfile is Azure Active Directory configuration to
                  integrate with AKS for aad authentication.
                properties:
                  adminGroupObjectIDs:
                    description: AdminGroupObjectIDs - AAD group object IDs that will
                      have admin role of the cluster.
                    items:
                      type: string
                    type: array
                  managed:
                    description: Managed - Whether to enable managed AAD.
                    type: boolean
                required:
                - adminGroupObjectIDs
                - managed
                type: object
              additionalTags:
                additionalProperties:
                  type: string
                description: AdditionalTags is an optional set of tags to add to Azure
                  resources managed by the Azure provider, in addition to the ones
                  added by default.
                type: object
              addonProfiles:
                description: AddonProfiles are the profiles of managed cluster add-on.
                items:
                  description: AddonProfile represents a managed cluster add-on.
                  properties:
                    config:
                      additionalProperties:
                        type: string
                      description: Config - Key-value pairs for configuring the add-on.
                      type: object
                    enabled:
                      description: Enabled - Whether the add-on is enabled or not.
                      type: boolean
                    name:
                      description: Name - The name of the managed cluster add-on.
                      type: string
                  required:
                  - enabled
                  - name
                  type: object
                type: array
              apiServerAccessProfile:
                description: APIServerAccessProfile is the access profile for AKS
                  API server. Immutable except for `authorizedIPRanges`.
                properties:
                  authorizedIPRanges:
                    description: AuthorizedIPRanges - Authorized IP Ranges to kubernetes
                      API server.
                    items:
                      type: string
                    type: array
                  enablePrivateCluster:
                    description: EnablePrivateCluster indicates whether to create
                      the cluster as a private cluster or not.
                    type: boolean
                  enablePrivateClusterPublicFQDN:
                    description: EnablePrivateClusterPublicFQDN indicates whether
                      to create additional public FQDN for private cluster or not.
                    type: boolean
                  privateDNSZone:
                    description: PrivateDNSZone enables private dns zone mode for
                      private cluster.
                    type: string
                type: object
              asoManagedClusterPatches:
                description: 'ASOManagedClusterPatches defines JSON merge patches
                  to be applied to the generated ASO ManagedCluster resource. WARNING:
                  This is meant to be used sparingly to enable features for development
                  and testing that are not otherwise represented in the CAPZ API.
                  Misconfiguration that conflicts with CAPZ''s normal mode of operation
                  is possible.'
                items:
                  type: string
                type: array
              autoUpgradeProfile:
                description: AutoUpgradeProfile defines the auto upgrade configuration.
                properties:
                  upgradeChannel:
                    description: UpgradeChannel determines the type of upgrade channel
                      for automatically upgrading the cluster.
                    enum:
                    - node-image
                    - none
                    - patch
                    - rapid
                    - stable
                    type: string
                type: object
              autoscalerProfile:
                description: AutoscalerProfile is the parameters to be applied to
                  the cluster-autoscaler when enabled
                properties:
                  balanceSimilarNodeGroups:
                    description: BalanceSimilarNodeGroups - Valid values are 'true'
                      and 'false'. The default is false.
                    enum:
                    - "true"
                    - "false"
                    type: string
                  expander:
                    description: Expander - If not specified, the default is 'random'.
                      See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders)
                      for more information.
                    enum:
                    - least-waste
                    - most-pods
                    - priority
                    - random
                    type: string
                  maxEmptyBulkDelete:
                    description: MaxEmptyBulkDelete - The default is 10.
                    type: string
                  maxGracefulTerminationSec:
                    description: MaxGracefulTerminationSec - The default is 600.
                    pattern: ^(\d+)$
                    type: string
                  maxNodeProvisionTime:
                    description: MaxNodeProvisionTime - The default is '15m'. Values
                      must be an integer followed by an 'm'. No unit of time other
                      than minutes (m) is supported.
                    pattern: ^(\d+)m$
                    type: string
                  maxTotalUnreadyPercentage:
                    description: MaxTotalUnreadyPercentage - The default is 45. The
                      maximum is 100 and the minimum is 0.
                    maxLength: 3
                    minLength: 1
                    pattern: ^(\d+)$
                    type: string
                  newPodScaleUpDelay:
                    description: NewPodScaleUpDelay - For scenarios like burst/batch
                      scale where you don't want CA to act before the kubernetes scheduler
                      could schedule all the pods, you can tell CA to ignore unscheduled
                      pods before they're a certain age. The default is '0s'. Values
                      must be an integer followed by a unit ('s' for seconds, 'm'
                      for minutes, 'h' for hours, etc).
                    type: string
                  okTotalUnreadyCount:
                    description: OkTotalUnreadyCount - This must be an integer. The
                      default is 3.
                    pattern: ^(\d+)$
                    type: string
                  scaleDownDelayAfterAdd:
                    description: ScaleDownDelayAfterAdd - The default is '10m'. Values
                      must be an integer followed by an 'm'. No unit of time other
                      than minutes (m) is supported.
                    pattern: ^(\d+)m$
                    type: string
                  scaleDownDelayAfterDelete:
                    description: ScaleDownDelayAfterDelete - The default is the scan-interval.
                      Values must be an integer followed by an 's'. No unit of time
                      other than seconds (s) is supported.
                    pattern: ^(\d+)s$
                    type: string
                  scaleDownDelayAfterFailure:
                    description: ScaleDownDelayAfterFailure - The default is '3m'.
                      Values must be an integer followed by an 'm'. No unit of time
                      other than minutes (m) is supported.
                    pattern: ^(\d+)m$
                    type: string
                  scaleDownUnneededTime:
                    description: ScaleDownUnneededTime - The default is '10m'. Values
                      must be an integer followed by an 'm'. No unit of time other
                      than minutes (m) is supported.
                    pattern: ^(\d+)m$
                    type: string
                  scaleDownUnreadyTime:
                    description: ScaleDownUnreadyTime - The default is '20m'. Values
                      must be an integer followed by an 'm'. No unit of time other
                      than minutes (m) is supported.
                    pattern: ^(\d+)m$
                    type: string
                  scaleDownUtilizationThreshold:
                    description: ScaleDownUtilizationThreshold - The default is '0.5'.
                    type: string
                  scanInterval:
                    description: ScanInterval - How often cluster is reevaluated for
                      scale up or down. The default is '10s'.
                    pattern: ^(\d+)s$
                    type: string
                  skipNodesWithLocalStorage:
                    description: SkipNodesWithLocalStorage - The default is false.
                    enum:
                    - "true"
                    - "false"
                    type: string
                  skipNodesWithSystemPods:
                    description: SkipNodesWithSystemPods - The default is true.
                    enum:
                    - "true"
                    - "false"
                    type: string
                type: object
              azureEnvironment:
                description: "AzureEnvironment is the name of the AzureCloud to be
                  used. The default value that would be used by most users is \"AzurePublicCloud\",
                  other values are: - ChinaCloud: \"AzureChinaCloud\" - PublicCloud:
                  \"AzurePublicCloud\" - USGovernmentCloud: \"AzureUSGovernmentCloud\"
                  \n Note that values other than the default must also be accompanied
                  by corresponding changes to the aso-controller-settings Secret to
                  configure ASO to refer to the non-Public cloud. ASO currently does
                  not support referring to multiple different clouds in a single installation.
                  The following fields must be defined in the Secret: - AZURE_AUTHORITY_HOST
                  - AZURE_RESOURCE_MANAGER_ENDPOINT - AZURE_RESOURCE_MANAGER_AUDIENCE
                  \n See the [ASO docs] for more details. \n [ASO docs]: https://azure.github.io/azure-service-operator/guide/aso-controller-settings-options/"
                type: string
              controlPlaneEndpoint:
                description: ControlPlaneEndpoint represents the endpoint used to
                  communicate with the control plane. Immutable, populated by the
                  AKS API at create.
                properties:
                  host:
                    description: The hostname on which the API server is serving.
                    type: string
                  port:
                    description: The port on which the API server is serving.
                    format: int32
                    type: integer
                required:
                - host
                - port
                type: object
              disableLocalAccounts:
                description: DisableLocalAccounts disables getting static credentials
                  for this cluster when set. Expected to only be used for AAD clusters.
                type: boolean
              dnsPrefix:
                description: DNSPrefix allows the user to customize dns prefix. Immutable.
                type: string
              dnsServiceIP:
                description: DNSServiceIP is an IP address assigned to the Kubernetes
                  DNS service. It must be within the Kubernetes service address range
                  specified in serviceCidr. Immutable.
                type: string
              enablePreviewFeatures:
                description: EnablePreviewFeatures enables preview features for the
                  cluster.
                type: boolean
              extensions:
                description: Extensions is a list of AKS extensions to be installed
                  on the cluster.
                items:
                  description: "AKSExtension represents the configuration for an AKS
                    cluster extension. See also [AKS doc]. \n [AKS doc]: https://learn.microsoft.com/en-us/azure/aks/cluster-extensions"
                  properties:
                    aksAssignedIdentityType:
                      description: AKSAssignedIdentityType is the type of the AKS
                        assigned identity.
                      enum:
                      - SystemAssigned
                      - UserAssigned
                      type: string
                    autoUpgradeMinorVersion:
                      default: true
                      description: AutoUpgradeMinorVersion is a flag to note if this
                        extension participates in auto upgrade of minor version, or
                        not.
                      type: boolean
                    configurationSettings:
                      additionalProperties:
                        type: string
                      description: ConfigurationSettings are the name-value pairs
                        for configuring this extension.
                      type: object
                    extensionType:
                      description: ExtensionType is the type of the Extension of which
                        this resource is an instance. It must be one of the Extension
                        Types registered with Microsoft.KubernetesConfiguration by
                        the Extension publisher.
                      type: string
                    identity:
                      description: Identity is the identity type of the Extension
                        resource in an AKS cluster.
                      enum:
                      - SystemAssigned
                      type: string
                    name:
                      description: Name is the name of the extension.
                      type: string
                    plan:
                      description: Plan is the plan of the extension.
                      properties:
                        name:
                          description: Name is the user-defined name of the 3rd Party
                            Artifact that is being procured.
                          type: string
                        product:
                          description: Product is the name of the 3rd Party artifact
                            that is being procured.
                          type: string
                        promotionCode:
                          description: PromotionCode is a publisher-provided promotion
                            code as provisioned in Data Market for the said product/artifact.
                          type: string
                        publisher:
                          description: Publisher is the name of the publisher of the
                            3rd Party Artifact that is being bought.
                          type: string
                        version:
                          description: Version is the version of the plan.
                          type: string
                      type: object
                    releaseTrain:
                      description: ReleaseTrain is the release train this extension
                        participates in for auto-upgrade (e.g. Stable, Preview, etc.)
                        This is only used if autoUpgradeMinorVersion is ‘true’.
                      type: string
                    scope:
                      description: Scope is the scope at which this extension is enabled.
                      properties:
                        releaseNamespace:
                          description: ReleaseNamespace is the namespace where the
                            extension Release must be placed, for a Cluster-scoped
                            extension. Required for Cluster-scoped extensions.
                          type: string
                        scopeType:
                          description: ScopeType is the scope of the extension. It
                            can be either Cluster or Namespace, but not both.
                          enum:
                          - Cluster
                          - Namespace
                          type: string
                        targetNamespace:
                          description: TargetNamespace is the namespace where the
                            extension will be created for a Namespace-scoped extension.
                            Required for Namespace-scoped extensions.
                          type: string
                      required:
                      - scopeType
                      type: object
                    version:
                      description: Version is the version of the extension.
                      type: string
                  required:
                  - extensionType
                  - name
                  type: object
                type: array
              fleetsMember:
                description: "FleetsMember is the spec for the fleet this cluster
                  is a member of. See also [AKS doc]. \n [AKS doc]: https://learn.microsoft.com/en-us/azure/templates/microsoft.containerservice/2023-03-15-preview/fleets/members"
                properties:
                  group:
                    description: Group is the group this member belongs to for multi-cluster
                      update management.
                    type: string
                  managerName:
                    description: ManagerName is the name of the fleet manager.
                    type: string
                  managerResourceGroup:
                    description: ManagerResourceGroup is the resource group of the
                      fleet manager.
                    type: string
                  name:
                    description: Name is the name of the member.
                    type: string
                required:
                - managerName
                - managerResourceGroup
                type: object
              httpProxyConfig:
                description: HTTPProxyConfig is the HTTP proxy configuration for the
                  cluster. Immutable.
                properties:
                  httpProxy:
                    description: HTTPProxy is the HTTP proxy server endpoint to use.
                    type: string
                  httpsProxy:
                    description: HTTPSProxy is the HTTPS proxy server endpoint to
                      use.
                    type: string
                  noProxy:
                    description: NoProxy indicates the endpoints that should not go
                      through proxy.
                    items:
                      type: string
                    type: array
                  trustedCa:
                    description: TrustedCA is the alternative CA cert to use for connecting
                      to proxy servers.
                    type: string
                type: object
              identity:
                description: Identity configuration used by the AKS control plane.
                properties:
                  type:
                    description: Type - The Identity type to use.
                    enum:
                    - SystemAssigned
                    - UserAssigned
                    type: string
                  userAssignedIdentityResourceID:
                    description: UserAssignedIdentityResourceID - Identity ARM resource
                      ID when using user-assigned identity.
                    type: string
                type: object
              identityRef:
                description: IdentityRef is a reference to a AzureClusterIdentity
                  to be used when reconciling this cluster
                properties:
                  apiVersion:
                    description: API version of the referent.
                    type: string
                  fieldPath:
                    description: 'If referring to a piece of an object instead of
                      an entire object, this string should contain a valid JSON/Go
                      field access statement, such as desiredState.manifest.containers[2].
                      For example, if the object reference is to a container within
                      a pod, this would take on a value like: "spec.containers{name}"
                      (where "name" refers to the name of the container that triggered
                      the event) or if no container name is specified "spec.containers[2]"
                      (container with index 2 in this pod). This syntax is chosen
                      only to have some well-defined way of referencing a part of
                      an object. TODO: this design is not final and this field is
                      subject to change in the future.'
                    type: string
                  kind:
                    description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  name:
                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                    type: string
                  namespace:
                    description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                    type: string
                  resourceVersion:
                    description: 'Specific resourceVersion to which this reference
                      is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                    type: string
                  uid:
                    description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                    type: string
                type: object
                x-kubernetes-map-type: atomic
              kubeletUserAssignedIdentity:
                description: KubeletUserAssignedIdentity is the user-assigned identity
                  for kubelet. For authentication with Azure Container Registry.
                type: string
              loadBalancerProfile:
                description: LoadBalancerProfile is the profile of the cluster load
                  balancer.
                properties:
                  allocatedOutboundPorts:
                    description: AllocatedOutboundPorts - Desired number of allocated
                      SNAT ports per VM. Allowed values must be in the range of 0
                      to 64000 (inclusive). The default value is 0 which results in
                      Azure dynamically allocating ports.
                    type: integer
                  idleTimeoutInMinutes:
                    description: IdleTimeoutInMinutes - Desired outbound flow idle
                      timeout in minutes. Allowed values must be in the range of 4
                      to 120 (inclusive). The default value is 30 minutes.
                    type: integer
                  managedOutboundIPs:
                    description: ManagedOutboundIPs - Desired managed outbound IPs
                      for the cluster load balancer.
                    type: integer
                  outboundIPPrefixes:
                    description: OutboundIPPrefixes - Desired outbound IP Prefix resources
                      for the cluster load balancer.
                    items:
                      type: string
                    type: array
                  outboundIPs:
                    description: OutboundIPs - Desired outbound IP resources for the
                      cluster load balancer.
                    items:
                      type: string
                    type: array
                type: object
              loadBalancerSKU:
                default: Standard
                description: LoadBalancerSKU is the SKU of the loadBalancer to be
                  provisioned. Immutable.
                enum:
                - Basic
                - Standard
                type: string
              location:
                description: 'Location is a string matching one of the canonical Azure
                  region names. Examples: "westus2", "eastus".'
                type: string
              machineTemplate:
                description: MachineTemplate contains information about how machines
                  should be shaped when creating or updating a control plane. For
                  the AzureManagedControlPlaneTemplate, this field is used only to
                  fulfill the CAPI contract.
                type: object
              networkDataplane:
                description: NetworkDataplane is the dataplane used for building the
                  Kubernetes network.
                enum:
                - azure
                - cilium
                type: string
              networkPlugin:
                description: NetworkPlugin used for building Kubernetes network.
                enum:
                - azure
                - kubenet
                - none
                type: string
              networkPluginMode:
                description: NetworkPluginMode is the mode the network plugin should
                  use. Allowed value is "overlay".
                enum:
                - overlay
                type: string
              networkPolicy:
                description: NetworkPolicy used for building Kubernetes network.
                enum:
                - azure
                - calico
                - cilium
                type: string
              nodeResourceGroupName:
                description: NodeResourceGroupName is the name of the resource group
                  containing cluster IaaS resources. Will be populated to default
                  in webhook. Immutable.
                type: string
              oidcIssuerProfile:
                description: OIDCIssuerProfile is the OIDC issuer profile of the Managed
                  Cluster.
                properties:
                  enabled:
                    description: Enabled is whether the OIDC issuer is enabled.
                    type: boolean
                type: object
              outboundType:
                description: Outbound configuration used by Nodes.
                enum:
                - loadBalancer
                - managedNATGateway
                - userAssignedNATGateway
                - userDefinedRouting
                type: string
              resourceGroupName:
                description: ResourceGroupName is the name of the Azure resource group
                  for this AKS Cluster. Immutable.
                type: string
              securityProfile:
                description: SecurityProfile defines the security profile for cluster.
                properties:
                  azureKeyVaultKms:
                    description: AzureKeyVaultKms defines Azure Key Vault Management
                      Services Profile for the security profile.
                    properties:
                      enabled:
                        description: Enabled enables the Azure Key Vault key management
                          service. The default is false.
                        type: boolean
                      keyID:
                        description: KeyID defines the Identifier of Azure Key Vault
                          key. When Azure Key Vault key management service is enabled,
                          this field is required and must be a valid key identifier.
                        type: string
                      keyVaultNetworkAccess:
                        default: Public
                        description: KeyVaultNetworkAccess defines the network access
                          of key vault. The possible values are Public and Private.
                          Public means the key vault allows public access from all
                          networks. Private means the key vault disables public access
                          and enables private link. The default value is Public.
                        type: string
                      keyVaultResourceID:
                        description: KeyVaultResourceID is the Resource ID of key
                          vault. When keyVaultNetworkAccess is Private, this field
                          is required and must be a valid resource ID.
                        type: string
                    required:
                    - enabled
                    - keyID
                    type: object
                  defender:
                    description: Defender settings for the security profile.
                    properties:
                      logAnalyticsWorkspaceResourceID:
                        description: LogAnalyticsWorkspaceResourceID is the ID of
                          the Log Analytics workspace that has to be associated with
                          Microsoft Defender. When Microsoft Defender is enabled,
                          this field is required and must be a valid workspace resource
                          ID.
                        type: string
                      securityMonitoring:
                        description: SecurityMonitoring profile defines the Microsoft
                          Defender threat detection for Cloud settings for the security
                          profile.
                        properties:
                          enabled:
                            description: Enabled enables Defender threat detection
                            type: boolean
                        required:
                        - enabled
                        type: object
                    required:
                    - logAnalyticsWorkspaceResourceID
                    - securityMonitoring
                    type: object
                  imageCleaner:
                    description: ImageCleaner settings for the security profile.
                    properties:
                      enabled:
                        description: Enabled enables the Image Cleaner on AKS cluster.
                        type: boolean
                      intervalHours:
                        description: IntervalHours defines Image Cleaner scanning
                          interval in hours. Default value is 24 hours.
                        maximum: 2160
                        minimum: 24
                        type: integer
                    required:
                    - enabled
                    type: object
                  workloadIdentity:
                    description: Workloadidentity enables Kubernetes applications
                      to access Azure cloud resources securely with Azure AD. Ensure
                      to enable OIDC issuer while enabling Workload Identity
                    properties:
                      enabled:
                        description: Enabled enables the workload identity.
                        type: boolean
                    required:
                    - enabled
                    type: object
                type: object
              sku:
                description: SKU is the SKU of the AKS to be provisioned.
                properties:
                  tier:
                    description: Tier - Tier of an AKS cluster.
                    enum:
                    - Free
                    - Paid
                    - Standard
                    type: string
                required:
                - tier
                type: object
              sshPublicKey:
                description: SSHPublicKey is a string literal containing an ssh public
                  key base64 encoded. Use empty string to autogenerate new key. Use
                  null value to not set key. Immutable.
                type: string
              subscriptionID:
                description: SubscriptionID is the GUID of the Azure subscription
                  that owns this cluster.
                type: string
              version:
                description: Version defines the desired Kubernetes version.
                minLength: 2
                type: string
              virtualNetwork:
                description: VirtualNetwork describes the virtual network for the
                  AKS cluster. It will be created if it does not already exist.
                properties:
                  cidrBlock:
                    type: string
                  name:
                    type: string
                  resourceGroup:
                    description: ResourceGroup is the name of the Azure resource group
                      for the VNet and Subnet.
                    type: string
                  subnet:
                    description: ManagedControlPlaneSubnet describes a subnet for
                      an AKS cluster.
                    properties:
                      cidrBlock:
                        type: string
                      name:
                        type: string
                      privateEndpoints:
                        description: PrivateEndpoints is a slice of Virtual Network
                          private endpoints to create for the subnets.
                        items:
                          description: PrivateEndpointSpec configures an Azure Private
                            Endpoint.
                          properties:
                            applicationSecurityGroups:
                              description: ApplicationSecurityGroups specifies the
                                Application security group in which the private endpoint
                                IP configuration is included.
                              items:
                                type: string
                              type: array
                            customNetworkInterfaceName:
                              description: CustomNetworkInterfaceName specifies the
                                network interface name associated with the private
                                endpoint.
                              type: string
                            location:
                              description: Location specifies the region to create
                                the private endpoint.
                              type: string
                            manualApproval:
                              description: ManualApproval specifies if the connection
                                approval needs to be done manually or not. Set it
                                true when the network admin does not have access to
                                approve connections to the remote resource. Defaults
                                to false.
                              type: boolean
                            name:
                              description: Name specifies the name of the private
                                endpoint.
                              type: string
                            privateIPAddresses:
                              description: PrivateIPAddresses specifies the IP addresses
                                for the network interface associated with the private
                                endpoint. They have to be part of the subnet where
                                the private endpoint is linked.
                              items:
                                type: string
                              type: array
                            privateLinkServiceConnections:
                              description: PrivateLinkServiceConnections specifies
                                Private Link Service Connections of the private endpoint.
                              items:
                                description: PrivateLinkServiceConnection defines
                                  the specification for a private link service connection
                                  associated with a private endpoint.
                                properties:
                                  groupIDs:
                                    description: GroupIDs specifies the ID(s) of the
                                      group(s) obtained from the remote resource that
                                      this private endpoint should connect to.
                                    items:
                                      type: string
                                    type: array
                                  name:
                                    description: Name specifies the name of the private
                                      link service.
                                    type: string
                                  privateLinkServiceID:
                                    description: PrivateLinkServiceID specifies the
                                      resource ID of the private link service.
                                    type: string
                                  requestMessage:
                                    description: RequestMessage specifies a message
                                      passed to the owner of the remote resource with
                                      the private endpoint connection request.
                                    maxLength: 140
                                    type: string
                                type: object
                              type: array
                          required:
                          - name
                          type: object
                        type: array
                        x-kubernetes-list-map-keys:
                        - name
                        x-kubernetes-list-type: map
                      serviceEndpoints:
                        description: ServiceEndpoints is a slice of Virtual Network
                          service endpoints to enable for the subnets.
                        items:
                          description: ServiceEndpointSpec configures an Azure Service
                            Endpoint.
                          properties:
                            locations:
                              items:
                                type: string
                              type: array
                            service:
                              type: string
                          required:
                          - locations
                          - service
                          type: object
                        type: array
                        x-kubernetes-list-map-keys:
                        - service
                        x-kubernetes-list-type: map
                    required:
                    - cidrBlock
                    - name
                    type: object
                required:
                - cidrBlock
                - name
                type: object
            required:
            - identityRef
            - location
            - resourceGroupName
            - version
            type: object
          status:
            description: AzureManagedControlPlaneStatus defines the observed state
              of AzureManagedControlPlane.
            properties:
              autoUpgradeVersion:
                description: AutoUpgradeVersion is the Kubernetes version populated
                  after auto-upgrade based on the upgrade channel.
                minLength: 2
                type: string
              conditions:
                description: Conditions defines current service state of the AzureManagedControlPlane.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              initialized:
                description: Initialized is true when the control plane is available
                  for initial contact. This may occur before the control plane is
                  fully ready. In the AzureManagedControlPlane implementation, these
                  are identical.
                type: boolean
              longRunningOperationStates:
                description: LongRunningOperationStates saves the states for Azure
                  long-running operations so they can be continued on the next reconciliation
                  loop.
                items:
                  description: Future contains the data needed for an Azure long-running
                    operation to continue across reconcile loops.
                  properties:
                    data:
                      description: Data is the base64 url encoded json Azure AutoRest
                        Future.
                      type: string
                    name:
                      description: Name is the name of the Azure resource. Together
                        with the service name, this forms the unique identifier for
                        the future.
                      type: string
                    resourceGroup:
                      description: ResourceGroup is the Azure resource group for the
                        resource.
                      type: string
                    serviceName:
                      description: ServiceName is the name of the Azure service. Together
                        with the name of the resource, this forms the unique identifier
                        for the future.
                      type: string
                    type:
                      description: Type describes the type of future, such as update,
                        create, delete, etc.
                      type: string
                  required:
                  - data
                  - name
                  - serviceName
                  - type
                  type: object
                type: array
              oidcIssuerProfile:
                description: OIDCIssuerProfile is the OIDC issuer profile of the Managed
                  Cluster.
                properties:
                  issuerURL:
                    description: IssuerURL is the OIDC issuer url of the Managed Cluster.
                    type: string
                type: object
              ready:
                description: Ready is true when the provider resource is ready.
                type: boolean
              version:
                description: Version defines the Kubernetes version for the control
                  plane instance.
                type: string
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}