sigs.k8s.io/cluster-api-provider-azure@v1.17.0/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanetemplates.yaml

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.15.0
  name: azuremanagedcontrolplanetemplates.infrastructure.cluster.x-k8s.io
spec:
  group: infrastructure.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: AzureManagedControlPlaneTemplate
    listKind: AzureManagedControlPlaneTemplateList
    plural: azuremanagedcontrolplanetemplates
    shortNames:
    - amcpt
    singular: azuremanagedcontrolplanetemplate
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        description: AzureManagedControlPlaneTemplate is the Schema for the AzureManagedControlPlaneTemplates
          API.
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: AzureManagedControlPlaneTemplateSpec defines the desired
              state of AzureManagedControlPlaneTemplate.
            properties:
              template:
                description: AzureManagedControlPlaneTemplateResource describes the
                  data needed to create an AzureManagedCluster from a template.
                properties:
                  spec:
                    description: AzureManagedControlPlaneTemplateResourceSpec specifies
                      an Azure managed control plane template resource.
                    properties:
                      aadProfile:
                        description: AadProfile is Azure Active Directory configuration
                          to integrate with AKS for aad authentication.
                        properties:
                          adminGroupObjectIDs:
                            description: AdminGroupObjectIDs - AAD group object IDs
                              that will have admin role of the cluster.
                            items:
                              type: string
                            type: array
                          managed:
                            description: Managed - Whether to enable managed AAD.
                            type: boolean
                        required:
                        - adminGroupObjectIDs
                        - managed
                        type: object
                      additionalTags:
                        additionalProperties:
                          type: string
                        description: |-
                          AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the
                          ones added by default.
                        type: object
                      addonProfiles:
                        description: AddonProfiles are the profiles of managed cluster
                          add-on.
                        items:
                          description: AddonProfile represents a managed cluster add-on.
                          properties:
                            config:
                              additionalProperties:
                                type: string
                              description: Config - Key-value pairs for configuring
                                the add-on.
                              type: object
                            enabled:
                              description: Enabled - Whether the add-on is enabled
                                or not.
                              type: boolean
                            name:
                              description: Name - The name of the managed cluster
                                add-on.
                              type: string
                          required:
                          - enabled
                          - name
                          type: object
                        type: array
                      apiServerAccessProfile:
                        description: |-
                          APIServerAccessProfile is the access profile for AKS API server.
                          Immutable except for `authorizedIPRanges`.
                        properties:
                          authorizedIPRanges:
                            description: AuthorizedIPRanges - Authorized IP Ranges
                              to kubernetes API server.
                            items:
                              type: string
                            type: array
                          enablePrivateCluster:
                            description: EnablePrivateCluster indicates whether to
                              create the cluster as a private cluster or not.
                            type: boolean
                          enablePrivateClusterPublicFQDN:
                            description: EnablePrivateClusterPublicFQDN indicates
                              whether to create additional public FQDN for private
                              cluster or not.
                            type: boolean
                          privateDNSZone:
                            description: PrivateDNSZone enables private dns zone mode
                              for private cluster.
                            type: string
                        type: object
                      asoManagedClusterPatches:
                        description: |-
                          ASOManagedClusterPatches defines JSON merge patches to be applied to the generated ASO ManagedCluster resource.
                          WARNING: This is meant to be used sparingly to enable features for development and testing that are not
                          otherwise represented in the CAPZ API. Misconfiguration that conflicts with CAPZ's normal mode of
                          operation is possible.
                        items:
                          type: string
                        type: array
                      autoUpgradeProfile:
                        description: AutoUpgradeProfile defines the auto upgrade configuration.
                        properties:
                          upgradeChannel:
                            description: UpgradeChannel determines the type of upgrade
                              channel for automatically upgrading the cluster.
                            enum:
                            - node-image
                            - none
                            - patch
                            - rapid
                            - stable
                            type: string
                        type: object
                      autoscalerProfile:
                        description: AutoscalerProfile is the parameters to be applied
                          to the cluster-autoscaler when enabled
                        properties:
                          balanceSimilarNodeGroups:
                            description: BalanceSimilarNodeGroups - Valid values are
                              'true' and 'false'. The default is false.
                            enum:
                            - "true"
                            - "false"
                            type: string
                          expander:
                            description: Expander - If not specified, the default
                              is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders)
                              for more information.
                            enum:
                            - least-waste
                            - most-pods
                            - priority
                            - random
                            type: string
                          maxEmptyBulkDelete:
                            description: MaxEmptyBulkDelete - The default is 10.
                            type: string
                          maxGracefulTerminationSec:
                            description: MaxGracefulTerminationSec - The default is
                              600.
                            pattern: ^(\d+)$
                            type: string
                          maxNodeProvisionTime:
                            description: MaxNodeProvisionTime - The default is '15m'.
                              Values must be an integer followed by an 'm'. No unit
                              of time other than minutes (m) is supported.
                            pattern: ^(\d+)m$
                            type: string
                          maxTotalUnreadyPercentage:
                            description: MaxTotalUnreadyPercentage - The default is
                              45. The maximum is 100 and the minimum is 0.
                            maxLength: 3
                            minLength: 1
                            pattern: ^(\d+)$
                            type: string
                          newPodScaleUpDelay:
                            description: NewPodScaleUpDelay - For scenarios like burst/batch
                              scale where you don't want CA to act before the kubernetes
                              scheduler could schedule all the pods, you can tell
                              CA to ignore unscheduled pods before they're a certain
                              age. The default is '0s'. Values must be an integer
                              followed by a unit ('s' for seconds, 'm' for minutes,
                              'h' for hours, etc).
                            type: string
                          okTotalUnreadyCount:
                            description: OkTotalUnreadyCount - This must be an integer.
                              The default is 3.
                            pattern: ^(\d+)$
                            type: string
                          scaleDownDelayAfterAdd:
                            description: ScaleDownDelayAfterAdd - The default is '10m'.
                              Values must be an integer followed by an 'm'. No unit
                              of time other than minutes (m) is supported.
                            pattern: ^(\d+)m$
                            type: string
                          scaleDownDelayAfterDelete:
                            description: ScaleDownDelayAfterDelete - The default is
                              the scan-interval. Values must be an integer followed
                              by an 's'. No unit of time other than seconds (s) is
                              supported.
                            pattern: ^(\d+)s$
                            type: string
                          scaleDownDelayAfterFailure:
                            description: ScaleDownDelayAfterFailure - The default
                              is '3m'. Values must be an integer followed by an 'm'.
                              No unit of time other than minutes (m) is supported.
                            pattern: ^(\d+)m$
                            type: string
                          scaleDownUnneededTime:
                            description: ScaleDownUnneededTime - The default is '10m'.
                              Values must be an integer followed by an 'm'. No unit
                              of time other than minutes (m) is supported.
                            pattern: ^(\d+)m$
                            type: string
                          scaleDownUnreadyTime:
                            description: ScaleDownUnreadyTime - The default is '20m'.
                              Values must be an integer followed by an 'm'. No unit
                              of time other than minutes (m) is supported.
                            pattern: ^(\d+)m$
                            type: string
                          scaleDownUtilizationThreshold:
                            description: ScaleDownUtilizationThreshold - The default
                              is '0.5'.
                            type: string
                          scanInterval:
                            description: ScanInterval - How often cluster is reevaluated
                              for scale up or down. The default is '10s'.
                            pattern: ^(\d+)s$
                            type: string
                          skipNodesWithLocalStorage:
                            description: SkipNodesWithLocalStorage - The default is
                              false.
                            enum:
                            - "true"
                            - "false"
                            type: string
                          skipNodesWithSystemPods:
                            description: SkipNodesWithSystemPods - The default is
                              true.
                            enum:
                            - "true"
                            - "false"
                            type: string
                        type: object
                      azureEnvironment:
                        description: |-
                          AzureEnvironment is the name of the AzureCloud to be used.
                          The default value that would be used by most users is "AzurePublicCloud", other values are:
                          - ChinaCloud: "AzureChinaCloud"
                          - PublicCloud: "AzurePublicCloud"
                          - USGovernmentCloud: "AzureUSGovernmentCloud"


                          Note that values other than the default must also be accompanied by corresponding changes to the
                          aso-controller-settings Secret to configure ASO to refer to the non-Public cloud. ASO currently does
                          not support referring to multiple different clouds in a single installation. The following fields must
                          be defined in the Secret:
                          - AZURE_AUTHORITY_HOST
                          - AZURE_RESOURCE_MANAGER_ENDPOINT
                          - AZURE_RESOURCE_MANAGER_AUDIENCE


                          See the [ASO docs] for more details.


                          [ASO docs]: https://azure.github.io/azure-service-operator/guide/aso-controller-settings-options/
                        type: string
                      disableLocalAccounts:
                        description: DisableLocalAccounts disables getting static
                          credentials for this cluster when set. Expected to only
                          be used for AAD clusters.
                        type: boolean
                      dnsServiceIP:
                        description: |-
                          DNSServiceIP is an IP address assigned to the Kubernetes DNS service.
                          It must be within the Kubernetes service address range specified in serviceCidr.
                          Immutable.
                        type: string
                      enablePreviewFeatures:
                        description: EnablePreviewFeatures enables preview features
                          for the cluster.
                        type: boolean
                      extensions:
                        description: Extensions is a list of AKS extensions to be
                          installed on the cluster.
                        items:
                          description: |-
                            AKSExtension represents the configuration for an AKS cluster extension.
                            See also [AKS doc].


                            [AKS doc]: https://learn.microsoft.com/en-us/azure/aks/cluster-extensions
                          properties:
                            aksAssignedIdentityType:
                              description: AKSAssignedIdentityType is the type of
                                the AKS assigned identity.
                              enum:
                              - SystemAssigned
                              - UserAssigned
                              type: string
                            autoUpgradeMinorVersion:
                              default: true
                              description: AutoUpgradeMinorVersion is a flag to note
                                if this extension participates in auto upgrade of
                                minor version, or not.
                              type: boolean
                            configurationSettings:
                              additionalProperties:
                                type: string
                              description: ConfigurationSettings are the name-value
                                pairs for configuring this extension.
                              type: object
                            extensionType:
                              description: |-
                                ExtensionType is the type of the Extension of which this resource is an instance.
                                It must be one of the Extension Types registered with Microsoft.KubernetesConfiguration by the Extension publisher.
                              type: string
                            identity:
                              description: Identity is the identity type of the Extension
                                resource in an AKS cluster.
                              enum:
                              - SystemAssigned
                              type: string
                            name:
                              description: Name is the name of the extension.
                              type: string
                            plan:
                              description: Plan is the plan of the extension.
                              properties:
                                name:
                                  description: Name is the user-defined name of the
                                    3rd Party Artifact that is being procured.
                                  type: string
                                product:
                                  description: Product is the name of the 3rd Party
                                    artifact that is being procured.
                                  type: string
                                promotionCode:
                                  description: PromotionCode is a publisher-provided
                                    promotion code as provisioned in Data Market for
                                    the said product/artifact.
                                  type: string
                                publisher:
                                  description: Publisher is the name of the publisher
                                    of the 3rd Party Artifact that is being bought.
                                  type: string
                                version:
                                  description: Version is the version of the plan.
                                  type: string
                              type: object
                            releaseTrain:
                              description: |-
                                ReleaseTrain is the release train this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.)
                                This is only used if autoUpgradeMinorVersion is ‘true’.
                              type: string
                            scope:
                              description: Scope is the scope at which this extension
                                is enabled.
                              properties:
                                releaseNamespace:
                                  description: |-
                                    ReleaseNamespace is the namespace where the extension Release must be placed, for a Cluster-scoped extension.
                                    Required for Cluster-scoped extensions.
                                  type: string
                                scopeType:
                                  description: ScopeType is the scope of the extension.
                                    It can be either Cluster or Namespace, but not
                                    both.
                                  enum:
                                  - Cluster
                                  - Namespace
                                  type: string
                                targetNamespace:
                                  description: |-
                                    TargetNamespace is the namespace where the extension will be created for a Namespace-scoped extension.
                                    Required for Namespace-scoped extensions.
                                  type: string
                              required:
                              - scopeType
                              type: object
                            version:
                              description: Version is the version of the extension.
                              type: string
                          required:
                          - extensionType
                          - name
                          type: object
                        type: array
                      fleetsMember:
                        description: |-
                          FleetsMember is the spec for the fleet this cluster is a member of.
                          See also [AKS doc].


                          [AKS doc]: https://learn.microsoft.com/en-us/azure/templates/microsoft.containerservice/2023-03-15-preview/fleets/members
                        properties:
                          group:
                            description: Group is the group this member belongs to
                              for multi-cluster update management.
                            type: string
                          managerName:
                            description: ManagerName is the name of the fleet manager.
                            type: string
                          managerResourceGroup:
                            description: ManagerResourceGroup is the resource group
                              of the fleet manager.
                            type: string
                        required:
                        - managerName
                        - managerResourceGroup
                        type: object
                      httpProxyConfig:
                        description: |-
                          HTTPProxyConfig is the HTTP proxy configuration for the cluster.
                          Immutable.
                        properties:
                          httpProxy:
                            description: HTTPProxy is the HTTP proxy server endpoint
                              to use.
                            type: string
                          httpsProxy:
                            description: HTTPSProxy is the HTTPS proxy server endpoint
                              to use.
                            type: string
                          noProxy:
                            description: NoProxy indicates the endpoints that should
                              not go through proxy.
                            items:
                              type: string
                            type: array
                          trustedCa:
                            description: TrustedCA is the alternative CA cert to use
                              for connecting to proxy servers.
                            type: string
                        type: object
                      identity:
                        description: Identity configuration used by the AKS control
                          plane.
                        properties:
                          type:
                            description: Type - The Identity type to use.
                            enum:
                            - SystemAssigned
                            - UserAssigned
                            type: string
                          userAssignedIdentityResourceID:
                            description: UserAssignedIdentityResourceID - Identity
                              ARM resource ID when using user-assigned identity.
                            type: string
                        type: object
                      identityRef:
                        description: IdentityRef is a reference to a AzureClusterIdentity
                          to be used when reconciling this cluster
                        properties:
                          apiVersion:
                            description: API version of the referent.
                            type: string
                          fieldPath:
                            description: |-
                              If referring to a piece of an object instead of an entire object, this string
                              should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
                              For example, if the object reference is to a container within a pod, this would take on a value like:
                              "spec.containers{name}" (where "name" refers to the name of the container that triggered
                              the event) or if no container name is specified "spec.containers[2]" (container with
                              index 2 in this pod). This syntax is chosen only to have some well-defined way of
                              referencing a part of an object.
                              TODO: this design is not final and this field is subject to change in the future.
                            type: string
                          kind:
                            description: |-
                              Kind of the referent.
                              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
                            type: string
                          name:
                            description: |-
                              Name of the referent.
                              More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
                            type: string
                          namespace:
                            description: |-
                              Namespace of the referent.
                              More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
                            type: string
                          resourceVersion:
                            description: |-
                              Specific resourceVersion to which this reference is made, if any.
                              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
                            type: string
                          uid:
                            description: |-
                              UID of the referent.
                              More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
                            type: string
                        type: object
                        x-kubernetes-map-type: atomic
                      kubeletUserAssignedIdentity:
                        description: |-
                          KubeletUserAssignedIdentity is the user-assigned identity for kubelet.
                          For authentication with Azure Container Registry.
                        type: string
                      loadBalancerProfile:
                        description: LoadBalancerProfile is the profile of the cluster
                          load balancer.
                        properties:
                          allocatedOutboundPorts:
                            description: AllocatedOutboundPorts - Desired number of
                              allocated SNAT ports per VM. Allowed values must be
                              in the range of 0 to 64000 (inclusive). The default
                              value is 0 which results in Azure dynamically allocating
                              ports.
                            type: integer
                          idleTimeoutInMinutes:
                            description: IdleTimeoutInMinutes - Desired outbound flow
                              idle timeout in minutes. Allowed values must be in the
                              range of 4 to 120 (inclusive). The default value is
                              30 minutes.
                            type: integer
                          managedOutboundIPs:
                            description: ManagedOutboundIPs - Desired managed outbound
                              IPs for the cluster load balancer.
                            type: integer
                          outboundIPPrefixes:
                            description: OutboundIPPrefixes - Desired outbound IP
                              Prefix resources for the cluster load balancer.
                            items:
                              type: string
                            type: array
                          outboundIPs:
                            description: OutboundIPs - Desired outbound IP resources
                              for the cluster load balancer.
                            items:
                              type: string
                            type: array
                        type: object
                      loadBalancerSKU:
                        default: Standard
                        description: |-
                          LoadBalancerSKU is the SKU of the loadBalancer to be provisioned.
                          Immutable.
                        enum:
                        - Basic
                        - Standard
                        type: string
                      location:
                        description: 'Location is a string matching one of the canonical
                          Azure region names. Examples: "westus2", "eastus".'
                        type: string
                      machineTemplate:
                        description: |-
                          MachineTemplate contains information about how machines
                          should be shaped when creating or updating a control plane.
                          For the AzureManagedControlPlaneTemplate, this field is used
                          only to fulfill the CAPI contract.
                        type: object
                      networkDataplane:
                        description: NetworkDataplane is the dataplane used for building
                          the Kubernetes network.
                        enum:
                        - azure
                        - cilium
                        type: string
                      networkPlugin:
                        description: NetworkPlugin used for building Kubernetes network.
                        enum:
                        - azure
                        - kubenet
                        - none
                        type: string
                      networkPluginMode:
                        description: |-
                          NetworkPluginMode is the mode the network plugin should use.
                          Allowed value is "overlay".
                        enum:
                        - overlay
                        type: string
                      networkPolicy:
                        description: NetworkPolicy used for building Kubernetes network.
                        enum:
                        - azure
                        - calico
                        - cilium
                        type: string
                      oidcIssuerProfile:
                        description: OIDCIssuerProfile is the OIDC issuer profile
                          of the Managed Cluster.
                        properties:
                          enabled:
                            description: Enabled is whether the OIDC issuer is enabled.
                            type: boolean
                        type: object
                      outboundType:
                        description: Outbound configuration used by Nodes.
                        enum:
                        - loadBalancer
                        - managedNATGateway
                        - userAssignedNATGateway
                        - userDefinedRouting
                        type: string
                      resourceGroupName:
                        description: |-
                          ResourceGroupName is the name of the Azure resource group for this AKS Cluster.
                          Immutable.
                        type: string
                      securityProfile:
                        description: SecurityProfile defines the security profile
                          for cluster.
                        properties:
                          azureKeyVaultKms:
                            description: AzureKeyVaultKms defines Azure Key Vault
                              Management Services Profile for the security profile.
                            properties:
                              enabled:
                                description: Enabled enables the Azure Key Vault key
                                  management service. The default is false.
                                type: boolean
                              keyID:
                                description: |-
                                  KeyID defines the Identifier of Azure Key Vault key.
                                  When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier.
                                type: string
                              keyVaultNetworkAccess:
                                default: Public
                                description: |-
                                  KeyVaultNetworkAccess defines the network access of key vault.
                                  The possible values are Public and Private.
                                  Public means the key vault allows public access from all networks.
                                  Private means the key vault disables public access and enables private link. The default value is Public.
                                type: string
                              keyVaultResourceID:
                                description: KeyVaultResourceID is the Resource ID
                                  of key vault. When keyVaultNetworkAccess is Private,
                                  this field is required and must be a valid resource
                                  ID.
                                type: string
                            required:
                            - enabled
                            - keyID
                            type: object
                          defender:
                            description: Defender settings for the security profile.
                            properties:
                              logAnalyticsWorkspaceResourceID:
                                description: |-
                                  LogAnalyticsWorkspaceResourceID is the ID of the Log Analytics workspace that has to be associated with Microsoft Defender.
                                  When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID.
                                type: string
                              securityMonitoring:
                                description: SecurityMonitoring profile defines the
                                  Microsoft Defender threat detection for Cloud settings
                                  for the security profile.
                                properties:
                                  enabled:
                                    description: Enabled enables Defender threat detection
                                    type: boolean
                                required:
                                - enabled
                                type: object
                            required:
                            - logAnalyticsWorkspaceResourceID
                            - securityMonitoring
                            type: object
                          imageCleaner:
                            description: ImageCleaner settings for the security profile.
                            properties:
                              enabled:
                                description: Enabled enables the Image Cleaner on
                                  AKS cluster.
                                type: boolean
                              intervalHours:
                                description: IntervalHours defines Image Cleaner scanning
                                  interval in hours. Default value is 24 hours.
                                maximum: 2160
                                minimum: 24
                                type: integer
                            required:
                            - enabled
                            type: object
                          workloadIdentity:
                            description: Workloadidentity enables Kubernetes applications
                              to access Azure cloud resources securely with Azure
                              AD. Ensure to enable OIDC issuer while enabling Workload
                              Identity
                            properties:
                              enabled:
                                description: Enabled enables the workload identity.
                                type: boolean
                            required:
                            - enabled
                            type: object
                        type: object
                      sku:
                        description: SKU is the SKU of the AKS to be provisioned.
                        properties:
                          tier:
                            description: Tier - Tier of an AKS cluster.
                            enum:
                            - Free
                            - Paid
                            - Standard
                            type: string
                        required:
                        - tier
                        type: object
                      subscriptionID:
                        description: SubscriptionID is the GUID of the Azure subscription
                          that owns this cluster.
                        type: string
                      version:
                        description: Version defines the desired Kubernetes version.
                        minLength: 2
                        type: string
                      virtualNetwork:
                        description: VirtualNetwork describes the virtual network
                          for the AKS cluster. It will be created if it does not already
                          exist.
                        properties:
                          cidrBlock:
                            type: string
                          name:
                            description: Name is the name of the virtual network.
                            type: string
                          resourceGroup:
                            description: ResourceGroup is the name of the Azure resource
                              group for the VNet and Subnet.
                            type: string
                          subnet:
                            description: ManagedControlPlaneSubnet describes a subnet
                              for an AKS cluster.
                            properties:
                              cidrBlock:
                                type: string
                              name:
                                type: string
                              privateEndpoints:
                                description: PrivateEndpoints is a slice of Virtual
                                  Network private endpoints to create for the subnets.
                                items:
                                  description: PrivateEndpointSpec configures an Azure
                                    Private Endpoint.
                                  properties:
                                    applicationSecurityGroups:
                                      description: ApplicationSecurityGroups specifies
                                        the Application security group in which the
                                        private endpoint IP configuration is included.
                                      items:
                                        type: string
                                      type: array
                                    customNetworkInterfaceName:
                                      description: CustomNetworkInterfaceName specifies
                                        the network interface name associated with
                                        the private endpoint.
                                      type: string
                                    location:
                                      description: Location specifies the region to
                                        create the private endpoint.
                                      type: string
                                    manualApproval:
                                      description: |-
                                        ManualApproval specifies if the connection approval needs to be done manually or not.
                                        Set it true when the network admin does not have access to approve connections to the remote resource.
                                        Defaults to false.
                                      type: boolean
                                    name:
                                      description: Name specifies the name of the
                                        private endpoint.
                                      type: string
                                    privateIPAddresses:
                                      description: |-
                                        PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint.
                                        They have to be part of the subnet where the private endpoint is linked.
                                      items:
                                        type: string
                                      type: array
                                    privateLinkServiceConnections:
                                      description: PrivateLinkServiceConnections specifies
                                        Private Link Service Connections of the private
                                        endpoint.
                                      items:
                                        description: PrivateLinkServiceConnection
                                          defines the specification for a private
                                          link service connection associated with
                                          a private endpoint.
                                        properties:
                                          groupIDs:
                                            description: GroupIDs specifies the ID(s)
                                              of the group(s) obtained from the remote
                                              resource that this private endpoint
                                              should connect to.
                                            items:
                                              type: string
                                            type: array
                                          name:
                                            description: Name specifies the name of
                                              the private link service.
                                            type: string
                                          privateLinkServiceID:
                                            description: PrivateLinkServiceID specifies
                                              the resource ID of the private link
                                              service.
                                            type: string
                                          requestMessage:
                                            description: RequestMessage specifies
                                              a message passed to the owner of the
                                              remote resource with the private endpoint
                                              connection request.
                                            maxLength: 140
                                            type: string
                                        type: object
                                      type: array
                                  required:
                                  - name
                                  type: object
                                type: array
                                x-kubernetes-list-map-keys:
                                - name
                                x-kubernetes-list-type: map
                              serviceEndpoints:
                                description: ServiceEndpoints is a slice of Virtual
                                  Network service endpoints to enable for the subnets.
                                items:
                                  description: ServiceEndpointSpec configures an Azure
                                    Service Endpoint.
                                  properties:
                                    locations:
                                      items:
                                        type: string
                                      type: array
                                    service:
                                      type: string
                                  required:
                                  - locations
                                  - service
                                  type: object
                                type: array
                                x-kubernetes-list-map-keys:
                                - service
                                x-kubernetes-list-type: map
                            required:
                            - cidrBlock
                            - name
                            type: object
                        required:
                        - cidrBlock
                        - name
                        type: object
                    required:
                    - identityRef
                    - location
                    - resourceGroupName
                    - version
                    type: object
                required:
                - spec
                type: object
            required:
            - template
            type: object
        type: object
    served: true
    storage: true