sigs.k8s.io/cluster-api-provider-azure@v1.17.0/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanes.yaml

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.15.0
  name: azuremanagedcontrolplanes.infrastructure.cluster.x-k8s.io
spec:
  group: infrastructure.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: AzureManagedControlPlane
    listKind: AzureManagedControlPlaneList
    plural: azuremanagedcontrolplanes
    shortNames:
    - amcp
    singular: azuremanagedcontrolplane
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - description: Cluster to which this AzureManagedControlPlane belongs
      jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
      name: Cluster
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].status
      name: Ready
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].severity
      name: Severity
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].reason
      name: Reason
      type: string
    - jsonPath: .status.conditions[?(@.type=='Ready')].message
      name: Message
      priority: 1
      type: string
    - description: Time duration since creation of this AzureManagedControlPlane
      jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v1beta1
    schema:
      openAPIV3Schema:
        description: AzureManagedControlPlane is the Schema for the azuremanagedcontrolplanes
          API.
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: AzureManagedControlPlaneSpec defines the desired state of
              AzureManagedControlPlane.
            properties:
              aadProfile:
                description: AadProfile is Azure Active Directory configuration to
                  integrate with AKS for aad authentication.
                properties:
                  adminGroupObjectIDs:
                    description: AdminGroupObjectIDs - AAD group object IDs that will
                      have admin role of the cluster.
                    items:
                      type: string
                    type: array
                  managed:
                    description: Managed - Whether to enable managed AAD.
                    type: boolean
                required:
                - adminGroupObjectIDs
                - managed
                type: object
              additionalTags:
                additionalProperties:
                  type: string
                description: |-
                  AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the
                  ones added by default.
                type: object
              addonProfiles:
                description: AddonProfiles are the profiles of managed cluster add-on.
                items:
                  description: AddonProfile represents a managed cluster add-on.
                  properties:
                    config:
                      additionalProperties:
                        type: string
                      description: Config - Key-value pairs for configuring the add-on.
                      type: object
                    enabled:
                      description: Enabled - Whether the add-on is enabled or not.
                      type: boolean
                    name:
                      description: Name - The name of the managed cluster add-on.
                      type: string
                  required:
                  - enabled
                  - name
                  type: object
                type: array
              apiServerAccessProfile:
                description: |-
                  APIServerAccessProfile is the access profile for AKS API server.
                  Immutable except for `authorizedIPRanges`.
                properties:
                  authorizedIPRanges:
                    description: AuthorizedIPRanges - Authorized IP Ranges to kubernetes
                      API server.
                    items:
                      type: string
                    type: array
                  enablePrivateCluster:
                    description: EnablePrivateCluster indicates whether to create
                      the cluster as a private cluster or not.
                    type: boolean
                  enablePrivateClusterPublicFQDN:
                    description: EnablePrivateClusterPublicFQDN indicates whether
                      to create additional public FQDN for private cluster or not.
                    type: boolean
                  privateDNSZone:
                    description: PrivateDNSZone enables private dns zone mode for
                      private cluster.
                    type: string
                type: object
              asoManagedClusterPatches:
                description: |-
                  ASOManagedClusterPatches defines JSON merge patches to be applied to the generated ASO ManagedCluster resource.
                  WARNING: This is meant to be used sparingly to enable features for development and testing that are not
                  otherwise represented in the CAPZ API. Misconfiguration that conflicts with CAPZ's normal mode of
                  operation is possible.
                items:
                  type: string
                type: array
              autoUpgradeProfile:
                description: AutoUpgradeProfile defines the auto upgrade configuration.
                properties:
                  upgradeChannel:
                    description: UpgradeChannel determines the type of upgrade channel
                      for automatically upgrading the cluster.
                    enum:
                    - node-image
                    - none
                    - patch
                    - rapid
                    - stable
                    type: string
                type: object
              autoscalerProfile:
                description: AutoscalerProfile is the parameters to be applied to
                  the cluster-autoscaler when enabled
                properties:
                  balanceSimilarNodeGroups:
                    description: BalanceSimilarNodeGroups - Valid values are 'true'
                      and 'false'. The default is false.
                    enum:
                    - "true"
                    - "false"
                    type: string
                  expander:
                    description: Expander - If not specified, the default is 'random'.
                      See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders)
                      for more information.
                    enum:
                    - least-waste
                    - most-pods
                    - priority
                    - random
                    type: string
                  maxEmptyBulkDelete:
                    description: MaxEmptyBulkDelete - The default is 10.
                    type: string
                  maxGracefulTerminationSec:
                    description: MaxGracefulTerminationSec - The default is 600.
                    pattern: ^(\d+)$
                    type: string
                  maxNodeProvisionTime:
                    description: MaxNodeProvisionTime - The default is '15m'. Values
                      must be an integer followed by an 'm'. No unit of time other
                      than minutes (m) is supported.
                    pattern: ^(\d+)m$
                    type: string
                  maxTotalUnreadyPercentage:
                    description: MaxTotalUnreadyPercentage - The default is 45. The
                      maximum is 100 and the minimum is 0.
                    maxLength: 3
                    minLength: 1
                    pattern: ^(\d+)$
                    type: string
                  newPodScaleUpDelay:
                    description: NewPodScaleUpDelay - For scenarios like burst/batch
                      scale where you don't want CA to act before the kubernetes scheduler
                      could schedule all the pods, you can tell CA to ignore unscheduled
                      pods before they're a certain age. The default is '0s'. Values
                      must be an integer followed by a unit ('s' for seconds, 'm'
                      for minutes, 'h' for hours, etc).
                    type: string
                  okTotalUnreadyCount:
                    description: OkTotalUnreadyCount - This must be an integer. The
                      default is 3.
                    pattern: ^(\d+)$
                    type: string
                  scaleDownDelayAfterAdd:
                    description: ScaleDownDelayAfterAdd - The default is '10m'. Values
                      must be an integer followed by an 'm'. No unit of time other
                      than minutes (m) is supported.
                    pattern: ^(\d+)m$
                    type: string
                  scaleDownDelayAfterDelete:
                    description: ScaleDownDelayAfterDelete - The default is the scan-interval.
                      Values must be an integer followed by an 's'. No unit of time
                      other than seconds (s) is supported.
                    pattern: ^(\d+)s$
                    type: string
                  scaleDownDelayAfterFailure:
                    description: ScaleDownDelayAfterFailure - The default is '3m'.
                      Values must be an integer followed by an 'm'. No unit of time
                      other than minutes (m) is supported.
                    pattern: ^(\d+)m$
                    type: string
                  scaleDownUnneededTime:
                    description: ScaleDownUnneededTime - The default is '10m'. Values
                      must be an integer followed by an 'm'. No unit of time other
                      than minutes (m) is supported.
                    pattern: ^(\d+)m$
                    type: string
                  scaleDownUnreadyTime:
                    description: ScaleDownUnreadyTime - The default is '20m'. Values
                      must be an integer followed by an 'm'. No unit of time other
                      than minutes (m) is supported.
                    pattern: ^(\d+)m$
                    type: string
                  scaleDownUtilizationThreshold:
                    description: ScaleDownUtilizationThreshold - The default is '0.5'.
                    type: string
                  scanInterval:
                    description: ScanInterval - How often cluster is reevaluated for
                      scale up or down. The default is '10s'.
                    pattern: ^(\d+)s$
                    type: string
                  skipNodesWithLocalStorage:
                    description: SkipNodesWithLocalStorage - The default is false.
                    enum:
                    - "true"
                    - "false"
                    type: string
                  skipNodesWithSystemPods:
                    description: SkipNodesWithSystemPods - The default is true.
                    enum:
                    - "true"
                    - "false"
                    type: string
                type: object
              azureEnvironment:
                description: |-
                  AzureEnvironment is the name of the AzureCloud to be used.
                  The default value that would be used by most users is "AzurePublicCloud", other values are:
                  - ChinaCloud: "AzureChinaCloud"
                  - PublicCloud: "AzurePublicCloud"
                  - USGovernmentCloud: "AzureUSGovernmentCloud"


                  Note that values other than the default must also be accompanied by corresponding changes to the
                  aso-controller-settings Secret to configure ASO to refer to the non-Public cloud. ASO currently does
                  not support referring to multiple different clouds in a single installation. The following fields must
                  be defined in the Secret:
                  - AZURE_AUTHORITY_HOST
                  - AZURE_RESOURCE_MANAGER_ENDPOINT
                  - AZURE_RESOURCE_MANAGER_AUDIENCE


                  See the [ASO docs] for more details.


                  [ASO docs]: https://azure.github.io/azure-service-operator/guide/aso-controller-settings-options/
                type: string
              controlPlaneEndpoint:
                description: |-
                  ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.
                  Immutable, populated by the AKS API at create.
                properties:
                  host:
                    description: The hostname on which the API server is serving.
                    type: string
                  port:
                    description: The port on which the API server is serving.
                    format: int32
                    type: integer
                required:
                - host
                - port
                type: object
              disableLocalAccounts:
                description: DisableLocalAccounts disables getting static credentials
                  for this cluster when set. Expected to only be used for AAD clusters.
                type: boolean
              dnsPrefix:
                description: |-
                  DNSPrefix allows the user to customize dns prefix.
                  Immutable.
                type: string
              dnsServiceIP:
                description: |-
                  DNSServiceIP is an IP address assigned to the Kubernetes DNS service.
                  It must be within the Kubernetes service address range specified in serviceCidr.
                  Immutable.
                type: string
              enablePreviewFeatures:
                description: EnablePreviewFeatures enables preview features for the
                  cluster.
                type: boolean
              extensions:
                description: Extensions is a list of AKS extensions to be installed
                  on the cluster.
                items:
                  description: |-
                    AKSExtension represents the configuration for an AKS cluster extension.
                    See also [AKS doc].


                    [AKS doc]: https://learn.microsoft.com/en-us/azure/aks/cluster-extensions
                  properties:
                    aksAssignedIdentityType:
                      description: AKSAssignedIdentityType is the type of the AKS
                        assigned identity.
                      enum:
                      - SystemAssigned
                      - UserAssigned
                      type: string
                    autoUpgradeMinorVersion:
                      default: true
                      description: AutoUpgradeMinorVersion is a flag to note if this
                        extension participates in auto upgrade of minor version, or
                        not.
                      type: boolean
                    configurationSettings:
                      additionalProperties:
                        type: string
                      description: ConfigurationSettings are the name-value pairs
                        for configuring this extension.
                      type: object
                    extensionType:
                      description: |-
                        ExtensionType is the type of the Extension of which this resource is an instance.
                        It must be one of the Extension Types registered with Microsoft.KubernetesConfiguration by the Extension publisher.
                      type: string
                    identity:
                      description: Identity is the identity type of the Extension
                        resource in an AKS cluster.
                      enum:
                      - SystemAssigned
                      type: string
                    name:
                      description: Name is the name of the extension.
                      type: string
                    plan:
                      description: Plan is the plan of the extension.
                      properties:
                        name:
                          description: Name is the user-defined name of the 3rd Party
                            Artifact that is being procured.
                          type: string
                        product:
                          description: Product is the name of the 3rd Party artifact
                            that is being procured.
                          type: string
                        promotionCode:
                          description: PromotionCode is a publisher-provided promotion
                            code as provisioned in Data Market for the said product/artifact.
                          type: string
                        publisher:
                          description: Publisher is the name of the publisher of the
                            3rd Party Artifact that is being bought.
                          type: string
                        version:
                          description: Version is the version of the plan.
                          type: string
                      type: object
                    releaseTrain:
                      description: |-
                        ReleaseTrain is the release train this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.)
                        This is only used if autoUpgradeMinorVersion is ‘true’.
                      type: string
                    scope:
                      description: Scope is the scope at which this extension is enabled.
                      properties:
                        releaseNamespace:
                          description: |-
                            ReleaseNamespace is the namespace where the extension Release must be placed, for a Cluster-scoped extension.
                            Required for Cluster-scoped extensions.
                          type: string
                        scopeType:
                          description: ScopeType is the scope of the extension. It
                            can be either Cluster or Namespace, but not both.
                          enum:
                          - Cluster
                          - Namespace
                          type: string
                        targetNamespace:
                          description: |-
                            TargetNamespace is the namespace where the extension will be created for a Namespace-scoped extension.
                            Required for Namespace-scoped extensions.
                          type: string
                      required:
                      - scopeType
                      type: object
                    version:
                      description: Version is the version of the extension.
                      type: string
                  required:
                  - extensionType
                  - name
                  type: object
                type: array
              fleetsMember:
                description: |-
                  FleetsMember is the spec for the fleet this cluster is a member of.
                  See also [AKS doc].


                  [AKS doc]: https://learn.microsoft.com/en-us/azure/templates/microsoft.containerservice/2023-03-15-preview/fleets/members
                properties:
                  group:
                    description: Group is the group this member belongs to for multi-cluster
                      update management.
                    type: string
                  managerName:
                    description: ManagerName is the name of the fleet manager.
                    type: string
                  managerResourceGroup:
                    description: ManagerResourceGroup is the resource group of the
                      fleet manager.
                    type: string
                  name:
                    description: Name is the name of the member.
                    type: string
                required:
                - managerName
                - managerResourceGroup
                type: object
              httpProxyConfig:
                description: |-
                  HTTPProxyConfig is the HTTP proxy configuration for the cluster.
                  Immutable.
                properties:
                  httpProxy:
                    description: HTTPProxy is the HTTP proxy server endpoint to use.
                    type: string
                  httpsProxy:
                    description: HTTPSProxy is the HTTPS proxy server endpoint to
                      use.
                    type: string
                  noProxy:
                    description: NoProxy indicates the endpoints that should not go
                      through proxy.
                    items:
                      type: string
                    type: array
                  trustedCa:
                    description: TrustedCA is the alternative CA cert to use for connecting
                      to proxy servers.
                    type: string
                type: object
              identity:
                description: Identity configuration used by the AKS control plane.
                properties:
                  type:
                    description: Type - The Identity type to use.
                    enum:
                    - SystemAssigned
                    - UserAssigned
                    type: string
                  userAssignedIdentityResourceID:
                    description: UserAssignedIdentityResourceID - Identity ARM resource
                      ID when using user-assigned identity.
                    type: string
                type: object
              identityRef:
                description: IdentityRef is a reference to a AzureClusterIdentity
                  to be used when reconciling this cluster
                properties:
                  apiVersion:
                    description: API version of the referent.
                    type: string
                  fieldPath:
                    description: |-
                      If referring to a piece of an object instead of an entire object, this string
                      should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
                      For example, if the object reference is to a container within a pod, this would take on a value like:
                      "spec.containers{name}" (where "name" refers to the name of the container that triggered
                      the event) or if no container name is specified "spec.containers[2]" (container with
                      index 2 in this pod). This syntax is chosen only to have some well-defined way of
                      referencing a part of an object.
                      TODO: this design is not final and this field is subject to change in the future.
                    type: string
                  kind:
                    description: |-
                      Kind of the referent.
                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
                    type: string
                  name:
                    description: |-
                      Name of the referent.
                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                    type: string
                  namespace:
                    description: |-
                      Namespace of the referent.
                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
                    type: string
                  resourceVersion:
                    description: |-
                      Specific resourceVersion to which this reference is made, if any.
                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
                    type: string
                  uid:
                    description: |-
                      UID of the referent.
                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
                    type: string
                type: object
                x-kubernetes-map-type: atomic
              kubeletUserAssignedIdentity:
                description: |-
                  KubeletUserAssignedIdentity is the user-assigned identity for kubelet.
                  For authentication with Azure Container Registry.
                type: string
              loadBalancerProfile:
                description: LoadBalancerProfile is the profile of the cluster load
                  balancer.
                properties:
                  allocatedOutboundPorts:
                    description: AllocatedOutboundPorts - Desired number of allocated
                      SNAT ports per VM. Allowed values must be in the range of 0
                      to 64000 (inclusive). The default value is 0 which results in
                      Azure dynamically allocating ports.
                    type: integer
                  idleTimeoutInMinutes:
                    description: IdleTimeoutInMinutes - Desired outbound flow idle
                      timeout in minutes. Allowed values must be in the range of 4
                      to 120 (inclusive). The default value is 30 minutes.
                    type: integer
                  managedOutboundIPs:
                    description: ManagedOutboundIPs - Desired managed outbound IPs
                      for the cluster load balancer.
                    type: integer
                  outboundIPPrefixes:
                    description: OutboundIPPrefixes - Desired outbound IP Prefix resources
                      for the cluster load balancer.
                    items:
                      type: string
                    type: array
                  outboundIPs:
                    description: OutboundIPs - Desired outbound IP resources for the
                      cluster load balancer.
                    items:
                      type: string
                    type: array
                type: object
              loadBalancerSKU:
                default: Standard
                description: |-
                  LoadBalancerSKU is the SKU of the loadBalancer to be provisioned.
                  Immutable.
                enum:
                - Basic
                - Standard
                type: string
              location:
                description: 'Location is a string matching one of the canonical Azure
                  region names. Examples: "westus2", "eastus".'
                type: string
              machineTemplate:
                description: |-
                  MachineTemplate contains information about how machines
                  should be shaped when creating or updating a control plane.
                  For the AzureManagedControlPlaneTemplate, this field is used
                  only to fulfill the CAPI contract.
                type: object
              networkDataplane:
                description: NetworkDataplane is the dataplane used for building the
                  Kubernetes network.
                enum:
                - azure
                - cilium
                type: string
              networkPlugin:
                description: NetworkPlugin used for building Kubernetes network.
                enum:
                - azure
                - kubenet
                - none
                type: string
              networkPluginMode:
                description: |-
                  NetworkPluginMode is the mode the network plugin should use.
                  Allowed value is "overlay".
                enum:
                - overlay
                type: string
              networkPolicy:
                description: NetworkPolicy used for building Kubernetes network.
                enum:
                - azure
                - calico
                - cilium
                type: string
              nodeResourceGroupName:
                description: |-
                  NodeResourceGroupName is the name of the resource group
                  containing cluster IaaS resources. Will be populated to default
                  in webhook.
                  Immutable.
                type: string
              oidcIssuerProfile:
                description: OIDCIssuerProfile is the OIDC issuer profile of the Managed
                  Cluster.
                properties:
                  enabled:
                    description: Enabled is whether the OIDC issuer is enabled.
                    type: boolean
                type: object
              outboundType:
                description: Outbound configuration used by Nodes.
                enum:
                - loadBalancer
                - managedNATGateway
                - userAssignedNATGateway
                - userDefinedRouting
                type: string
              resourceGroupName:
                description: |-
                  ResourceGroupName is the name of the Azure resource group for this AKS Cluster.
                  Immutable.
                type: string
              securityProfile:
                description: SecurityProfile defines the security profile for cluster.
                properties:
                  azureKeyVaultKms:
                    description: AzureKeyVaultKms defines Azure Key Vault Management
                      Services Profile for the security profile.
                    properties:
                      enabled:
                        description: Enabled enables the Azure Key Vault key management
                          service. The default is false.
                        type: boolean
                      keyID:
                        description: |-
                          KeyID defines the Identifier of Azure Key Vault key.
                          When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier.
                        type: string
                      keyVaultNetworkAccess:
                        default: Public
                        description: |-
                          KeyVaultNetworkAccess defines the network access of key vault.
                          The possible values are Public and Private.
                          Public means the key vault allows public access from all networks.
                          Private means the key vault disables public access and enables private link. The default value is Public.
                        type: string
                      keyVaultResourceID:
                        description: KeyVaultResourceID is the Resource ID of key
                          vault. When keyVaultNetworkAccess is Private, this field
                          is required and must be a valid resource ID.
                        type: string
                    required:
                    - enabled
                    - keyID
                    type: object
                  defender:
                    description: Defender settings for the security profile.
                    properties:
                      logAnalyticsWorkspaceResourceID:
                        description: |-
                          LogAnalyticsWorkspaceResourceID is the ID of the Log Analytics workspace that has to be associated with Microsoft Defender.
                          When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID.
                        type: string
                      securityMonitoring:
                        description: SecurityMonitoring profile defines the Microsoft
                          Defender threat detection for Cloud settings for the security
                          profile.
                        properties:
                          enabled:
                            description: Enabled enables Defender threat detection
                            type: boolean
                        required:
                        - enabled
                        type: object
                    required:
                    - logAnalyticsWorkspaceResourceID
                    - securityMonitoring
                    type: object
                  imageCleaner:
                    description: ImageCleaner settings for the security profile.
                    properties:
                      enabled:
                        description: Enabled enables the Image Cleaner on AKS cluster.
                        type: boolean
                      intervalHours:
                        description: IntervalHours defines Image Cleaner scanning
                          interval in hours. Default value is 24 hours.
                        maximum: 2160
                        minimum: 24
                        type: integer
                    required:
                    - enabled
                    type: object
                  workloadIdentity:
                    description: Workloadidentity enables Kubernetes applications
                      to access Azure cloud resources securely with Azure AD. Ensure
                      to enable OIDC issuer while enabling Workload Identity
                    properties:
                      enabled:
                        description: Enabled enables the workload identity.
                        type: boolean
                    required:
                    - enabled
                    type: object
                type: object
              sku:
                description: SKU is the SKU of the AKS to be provisioned.
                properties:
                  tier:
                    description: Tier - Tier of an AKS cluster.
                    enum:
                    - Free
                    - Paid
                    - Standard
                    type: string
                required:
                - tier
                type: object
              sshPublicKey:
                description: |-
                  SSHPublicKey is a string literal containing an ssh public key base64 encoded.
                  Use empty string to autogenerate new key. Use null value to not set key.
                  Immutable.
                type: string
              subscriptionID:
                description: SubscriptionID is the GUID of the Azure subscription
                  that owns this cluster.
                type: string
              version:
                description: Version defines the desired Kubernetes version.
                minLength: 2
                type: string
              virtualNetwork:
                description: VirtualNetwork describes the virtual network for the
                  AKS cluster. It will be created if it does not already exist.
                properties:
                  cidrBlock:
                    type: string
                  name:
                    description: Name is the name of the virtual network.
                    type: string
                  resourceGroup:
                    description: ResourceGroup is the name of the Azure resource group
                      for the VNet and Subnet.
                    type: string
                  subnet:
                    description: ManagedControlPlaneSubnet describes a subnet for
                      an AKS cluster.
                    properties:
                      cidrBlock:
                        type: string
                      name:
                        type: string
                      privateEndpoints:
                        description: PrivateEndpoints is a slice of Virtual Network
                          private endpoints to create for the subnets.
                        items:
                          description: PrivateEndpointSpec configures an Azure Private
                            Endpoint.
                          properties:
                            applicationSecurityGroups:
                              description: ApplicationSecurityGroups specifies the
                                Application security group in which the private endpoint
                                IP configuration is included.
                              items:
                                type: string
                              type: array
                            customNetworkInterfaceName:
                              description: CustomNetworkInterfaceName specifies the
                                network interface name associated with the private
                                endpoint.
                              type: string
                            location:
                              description: Location specifies the region to create
                                the private endpoint.
                              type: string
                            manualApproval:
                              description: |-
                                ManualApproval specifies if the connection approval needs to be done manually or not.
                                Set it true when the network admin does not have access to approve connections to the remote resource.
                                Defaults to false.
                              type: boolean
                            name:
                              description: Name specifies the name of the private
                                endpoint.
                              type: string
                            privateIPAddresses:
                              description: |-
                                PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint.
                                They have to be part of the subnet where the private endpoint is linked.
                              items:
                                type: string
                              type: array
                            privateLinkServiceConnections:
                              description: PrivateLinkServiceConnections specifies
                                Private Link Service Connections of the private endpoint.
                              items:
                                description: PrivateLinkServiceConnection defines
                                  the specification for a private link service connection
                                  associated with a private endpoint.
                                properties:
                                  groupIDs:
                                    description: GroupIDs specifies the ID(s) of the
                                      group(s) obtained from the remote resource that
                                      this private endpoint should connect to.
                                    items:
                                      type: string
                                    type: array
                                  name:
                                    description: Name specifies the name of the private
                                      link service.
                                    type: string
                                  privateLinkServiceID:
                                    description: PrivateLinkServiceID specifies the
                                      resource ID of the private link service.
                                    type: string
                                  requestMessage:
                                    description: RequestMessage specifies a message
                                      passed to the owner of the remote resource with
                                      the private endpoint connection request.
                                    maxLength: 140
                                    type: string
                                type: object
                              type: array
                          required:
                          - name
                          type: object
                        type: array
                        x-kubernetes-list-map-keys:
                        - name
                        x-kubernetes-list-type: map
                      serviceEndpoints:
                        description: ServiceEndpoints is a slice of Virtual Network
                          service endpoints to enable for the subnets.
                        items:
                          description: ServiceEndpointSpec configures an Azure Service
                            Endpoint.
                          properties:
                            locations:
                              items:
                                type: string
                              type: array
                            service:
                              type: string
                          required:
                          - locations
                          - service
                          type: object
                        type: array
                        x-kubernetes-list-map-keys:
                        - service
                        x-kubernetes-list-type: map
                    required:
                    - cidrBlock
                    - name
                    type: object
                required:
                - cidrBlock
                - name
                type: object
            required:
            - identityRef
            - location
            - resourceGroupName
            - version
            type: object
          status:
            description: AzureManagedControlPlaneStatus defines the observed state
              of AzureManagedControlPlane.
            properties:
              autoUpgradeVersion:
                description: AutoUpgradeVersion is the Kubernetes version populated
                  after auto-upgrade based on the upgrade channel.
                minLength: 2
                type: string
              conditions:
                description: Conditions defines current service state of the AzureManagedControlPlane.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: |-
                        Last time the condition transitioned from one status to another.
                        This should be when the underlying condition changed. If that is not known, then using the time when
                        the API field changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: |-
                        A human readable message indicating details about the transition.
                        This field may be empty.
                      type: string
                    reason:
                      description: |-
                        The reason for the condition's last transition in CamelCase.
                        The specific API may choose whether or not this field is considered a guaranteed API.
                        This field may not be empty.
                      type: string
                    severity:
                      description: |-
                        Severity provides an explicit classification of Reason code, so the users or machines can immediately
                        understand the current situation and act accordingly.
                        The Severity field MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: |-
                        Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions
                        can be useful (see .node.status.conditions), the ability to deconflict is important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
              initialized:
                description: |-
                  Initialized is true when the control plane is available for initial contact.
                  This may occur before the control plane is fully ready.
                  In the AzureManagedControlPlane implementation, these are identical.
                type: boolean
              longRunningOperationStates:
                description: |-
                  LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the
                  next reconciliation loop.
                items:
                  description: Future contains the data needed for an Azure long-running
                    operation to continue across reconcile loops.
                  properties:
                    data:
                      description: Data is the base64 url encoded json Azure AutoRest
                        Future.
                      type: string
                    name:
                      description: |-
                        Name is the name of the Azure resource.
                        Together with the service name, this forms the unique identifier for the future.
                      type: string
                    resourceGroup:
                      description: ResourceGroup is the Azure resource group for the
                        resource.
                      type: string
                    serviceName:
                      description: |-
                        ServiceName is the name of the Azure service.
                        Together with the name of the resource, this forms the unique identifier for the future.
                      type: string
                    type:
                      description: Type describes the type of future, such as update,
                        create, delete, etc.
                      type: string
                  required:
                  - data
                  - name
                  - serviceName
                  - type
                  type: object
                type: array
              oidcIssuerProfile:
                description: OIDCIssuerProfile is the OIDC issuer profile of the Managed
                  Cluster.
                properties:
                  issuerURL:
                    description: IssuerURL is the OIDC issuer url of the Managed Cluster.
                    type: string
                type: object
              ready:
                description: Ready is true when the provider resource is ready.
                type: boolean
              version:
                description: Version defines the Kubernetes version for the control
                  plane instance.
                type: string
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}