Managed Clusters - Create Or Update

Creates or updates a managed cluster.
Creates or updates a managed cluster with the specified configuration for agents and Kubernetes version.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}?api-version=2020-06-01

URI Parameters

Name In Required Type Description
resourceGroupName
path True
  • string

The name of the resource group.

resourceName
path True
  • string

The name of the managed cluster resource.

Regex pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$

subscriptionId
path True
  • string

Subscription credentials which uniquely identify Microsoft Azure subscription. The subscription ID forms part of the URI for every service call.

api-version
query True
  • string

Client Api Version.

Request Body

Name Required Type Description
identity

The identity of the managed cluster, if configured.

location True
  • string

Resource location

properties.aadProfile

Profile of Azure Active Directory configuration.

properties.addonProfiles

Profile of managed cluster add-on.

properties.agentPoolProfiles

Properties of the agent pool.

properties.apiServerAccessProfile

Access profile for managed cluster API server.

properties.autoScalerProfile

Parameters to be applied to the cluster-autoscaler when enabled

properties.diskEncryptionSetID
  • string

ResourceId of the disk encryption set to use for enabling encryption at rest.

properties.dnsPrefix
  • string

DNS prefix specified when creating the managed cluster.

properties.enablePodSecurityPolicy
  • boolean

(PREVIEW) Whether to enable Kubernetes Pod security policy.

properties.enableRBAC
  • boolean

Whether to enable Kubernetes Role-Based Access Control.

properties.identityProfile

Identities associated with the cluster.

properties.kubernetesVersion
  • string

Version of Kubernetes specified when creating the managed cluster.

properties.linuxProfile

Profile for Linux VMs in the container service cluster.

properties.networkProfile

Profile of network configuration.

properties.nodeResourceGroup
  • string

Name of the resource group containing agent pool nodes.

properties.servicePrincipalProfile

Information about a service principal identity for the cluster to use for manipulating Azure APIs.

properties.windowsProfile

Profile for Windows VMs in the container service cluster.

sku

The managed cluster SKU.

tags
  • object

Resource tags

Responses

Name Type Description
200 OK

OK

201 Created

Created

Other Status Codes

Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

Create Managed Cluster with PPG
Create/Update AAD Managed Cluster with EnableAzureRBAC
Create/Update Managed Cluster

Create Managed Cluster with PPG

Sample Request

PUT https://management.azure.com/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2020-06-01
{
  "location": "location1",
  "tags": {
    "tier": "production",
    "archv2": ""
  },
  "sku": {
    "name": "Basic",
    "tier": "Free"
  },
  "properties": {
    "kubernetesVersion": "",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS2_v2",
        "osType": "Linux",
        "type": "VirtualMachineScaleSets",
        "enableNodePublicIP": true,
        "mode": "System",
        "nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
        "proximityPlacementGroupID": "/subscriptions/subid1/resourcegroups/rg1/providers//Microsoft.Compute/proximityPlacementGroups/ppg1"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "networkProfile": {
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "managedOutboundIPs": {
          "count": 2
        }
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    },
    "windowsProfile": {
      "adminUsername": "azureuser",
      "adminPassword": "replacePassword1234$"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid",
      "secret": "secret"
    },
    "addonProfiles": {},
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true
  }
}

Sample Response

{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Succeeded",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS2_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Succeeded",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "enableNodePublicIP": true,
        "mode": "System",
        "nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
        "proximityPlacementGroupID": "/subscriptions/subid1/resourcegroups/rg1/providers//Microsoft.Compute/proximityPlacementGroups/ppg1"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
    "networkProfile": {
      "loadBalancerSku": "basic",
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    }
  }
}
{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Creating",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS2_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Creating",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "enableNodePublicIP": true,
        "mode": "System",
        "proximityPlacementGroupID": "/subscriptions/subid1/resourcegroups/rg1/providers//Microsoft.Compute/proximityPlacementGroups/ppg1"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "networkProfile": {
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    }
  }
}

Create/Update AAD Managed Cluster with EnableAzureRBAC

Sample Request

PUT https://management.azure.com/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2020-06-01
{
  "location": "location1",
  "tags": {
    "tier": "production",
    "archv2": ""
  },
  "sku": {
    "name": "Basic",
    "tier": "Free"
  },
  "properties": {
    "kubernetesVersion": "",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "osType": "Linux",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System",
        "nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "networkProfile": {
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "managedOutboundIPs": {
          "count": 2
        }
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    },
    "windowsProfile": {
      "adminUsername": "azureuser",
      "adminPassword": "replacePassword1234$"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid",
      "secret": "secret"
    },
    "addonProfiles": {},
    "aadProfile": {
      "managed": true,
      "enableAzureRBAC": true
    },
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true
  }
}

Sample Response

{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Succeeded",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Succeeded",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System",
        "nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
    "networkProfile": {
      "loadBalancerSku": "basic",
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "aadProfile": {
      "managed": true,
      "adminGroupObjectIDs": null,
      "enableAzureRBAC": true,
      "tenantID": "tenantID"
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    }
  }
}
{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Creating",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Creating",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "networkProfile": {
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "aadProfile": {
      "managed": true,
      "adminGroupObjectIDs": null,
      "enableAzureRBAC": true,
      "tenantID": "tenantID"
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    }
  }
}

Create/Update Managed Cluster

Sample Request

PUT https://management.azure.com/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2020-06-01
{
  "location": "location1",
  "tags": {
    "tier": "production",
    "archv2": ""
  },
  "sku": {
    "name": "Basic",
    "tier": "Free"
  },
  "properties": {
    "kubernetesVersion": "",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "osType": "Linux",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System",
        "nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "networkProfile": {
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "managedOutboundIPs": {
          "count": 2
        }
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    },
    "windowsProfile": {
      "adminUsername": "azureuser",
      "adminPassword": "replacePassword1234$"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid",
      "secret": "secret"
    },
    "addonProfiles": {},
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true
  },
  "identity": {
    "type": "UserAssigned",
    "userAssignedIdentities": {
      "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
    }
  }
}

Sample Response

{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Succeeded",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Succeeded",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System",
        "nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
    "networkProfile": {
      "loadBalancerSku": "basic",
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    }
  },
  "identity": {
    "type": "UserAssigned",
    "userAssignedIdentities": {
      "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
        "principalId": "principalId1",
        "clientId": "clientId1"
      }
    }
  }
}
{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Creating",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Creating",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "networkProfile": {
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    }
  },
  "identity": {
    "type": "UserAssigned",
    "userAssignedIdentities": {
      "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
        "principalId": "principalId1",
        "clientId": "clientId1"
      }
    }
  }
}

Definitions

AgentPoolMode

AgentPoolMode represents mode of an agent pool.

AgentPoolType

AgentPoolType represents types of an agent pool.

AgentPoolUpgradeSettings

Settings for upgrading an agentpool

AutoScalerProfile

Parameters to be applied to the cluster-autoscaler when enabled

CloudError

An error response from the Container service.

CloudErrorBody

An error response from the Container service.

ContainerServiceLinuxProfile

Profile for Linux VMs in the container service cluster.

ContainerServiceNetworkProfile

Profile of network configuration.

ContainerServiceSshConfiguration

SSH configuration for Linux-based VMs running on Azure.

ContainerServiceSshPublicKey

Contains information about SSH certificate public key data.

ContainerServiceVMSizeTypes

Size of agent VMs.

Identity

Information of user assigned identity used by this add-on.

loadBalancerSku

The load balancer sku for the managed cluster.

ManagedCluster

Managed cluster.

ManagedClusterAADProfile

AADProfile specifies attributes for Azure Active Directory integration.

ManagedClusterAddonProfile

A Kubernetes add-on profile for a managed cluster.

ManagedClusterAgentPoolProfile

Profile for the container service agent pool.

ManagedClusterAPIServerAccessProfile

Access profile for managed cluster API server.

ManagedClusterIdentity

Identity for the managed cluster.

ManagedClusterLoadBalancerProfile

Profile of the managed cluster load balancer.

ManagedClusterServicePrincipalProfile

Information about a service principal identity for the cluster to use for manipulating Azure APIs.

ManagedClusterSKU
ManagedClusterSKUName

Name of a managed cluster SKU.

ManagedClusterSKUTier

Tier of a managed cluster SKU.

ManagedClusterWindowsProfile

Profile for Windows VMs in the container service cluster.

ManagedOutboundIPs

Desired managed outbound IPs for the cluster load balancer.

networkMode

Network mode used for building Kubernetes network.

NetworkPlugin

Network plugin used for building Kubernetes network.

NetworkPolicy

Network policy used for building Kubernetes network.

OSType

OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.

OutboundIPPrefixes

Desired outbound IP Prefix resources for the cluster load balancer.

OutboundIPs

Desired outbound IP resources for the cluster load balancer.

outboundType

The outbound (egress) routing method.

ResourceIdentityType

The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.

ResourceReference

A reference to an Azure resource.

ScaleSetEvictionPolicy

ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.

ScaleSetPriority

ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.

UserAssignedIdentities

The user identity associated with the managed cluster. This identity will be used in control plane and only one user assigned identity is allowed. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

AgentPoolMode

AgentPoolMode represents mode of an agent pool.

Name Type Description
System
  • string
User
  • string

AgentPoolType

AgentPoolType represents types of an agent pool.

Name Type Description
AvailabilitySet
  • string
VirtualMachineScaleSets
  • string

AgentPoolUpgradeSettings

Settings for upgrading an agentpool

Name Type Description
maxSurge
  • string

Count or percentage of additional nodes to be added during upgrade. If empty uses AKS default

AutoScalerProfile

Parameters to be applied to the cluster-autoscaler when enabled

Name Type Description
balance-similar-node-groups
  • string
max-graceful-termination-sec
  • string
scale-down-delay-after-add
  • string
scale-down-delay-after-delete
  • string
scale-down-delay-after-failure
  • string
scale-down-unneeded-time
  • string
scale-down-unready-time
  • string
scale-down-utilization-threshold
  • string
scan-interval
  • string

CloudError

An error response from the Container service.

Name Type Description
error

Details about the error.

CloudErrorBody

An error response from the Container service.

Name Type Description
code
  • string

An identifier for the error. Codes are invariant and are intended to be consumed programmatically.

details

A list of additional details about the error.

message
  • string

A message describing the error, intended to be suitable for display in a user interface.

target
  • string

The target of the particular error. For example, the name of the property in error.

ContainerServiceLinuxProfile

Profile for Linux VMs in the container service cluster.

Name Type Description
adminUsername
  • string

The administrator username to use for Linux VMs.

ssh

SSH configuration for Linux-based VMs running on Azure.

ContainerServiceNetworkProfile

Profile of network configuration.

Name Type Description
dnsServiceIP
  • string

An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.

dockerBridgeCidr
  • string

A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.

loadBalancerProfile

Profile of the cluster load balancer.

loadBalancerSku

The load balancer sku for the managed cluster.

networkMode

Network mode used for building Kubernetes network.

networkPlugin

Network plugin used for building Kubernetes network.

networkPolicy

Network policy used for building Kubernetes network.

outboundType

The outbound (egress) routing method.

podCidr
  • string

A CIDR notation IP range from which to assign pod IPs when kubenet is used.

serviceCidr
  • string

A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.

ContainerServiceSshConfiguration

SSH configuration for Linux-based VMs running on Azure.

Name Type Description
publicKeys

The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.

ContainerServiceSshPublicKey

Contains information about SSH certificate public key data.

Name Type Description
keyData
  • string

Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.

ContainerServiceVMSizeTypes

Size of agent VMs.

Name Type Description
Standard_A1
  • string
Standard_A10
  • string
Standard_A11
  • string
Standard_A1_v2
  • string
Standard_A2
  • string
Standard_A2_v2
  • string
Standard_A2m_v2
  • string
Standard_A3
  • string
Standard_A4
  • string
Standard_A4_v2
  • string
Standard_A4m_v2
  • string
Standard_A5
  • string
Standard_A6
  • string
Standard_A7
  • string
Standard_A8
  • string
Standard_A8_v2
  • string
Standard_A8m_v2
  • string
Standard_A9
  • string
Standard_B2ms
  • string
Standard_B2s
  • string
Standard_B4ms
  • string
Standard_B8ms
  • string
Standard_D1
  • string
Standard_D11
  • string
Standard_D11_v2
  • string
Standard_D11_v2_Promo
  • string
Standard_D12
  • string
Standard_D12_v2
  • string
Standard_D12_v2_Promo
  • string
Standard_D13
  • string
Standard_D13_v2
  • string
Standard_D13_v2_Promo
  • string
Standard_D14
  • string
Standard_D14_v2
  • string
Standard_D14_v2_Promo
  • string
Standard_D15_v2
  • string
Standard_D16_v3
  • string
Standard_D16s_v3
  • string
Standard_D1_v2
  • string
Standard_D2
  • string
Standard_D2_v2
  • string
Standard_D2_v2_Promo
  • string
Standard_D2_v3
  • string
Standard_D2s_v3
  • string
Standard_D3
  • string
Standard_D32_v3
  • string
Standard_D32s_v3
  • string
Standard_D3_v2
  • string
Standard_D3_v2_Promo
  • string
Standard_D4
  • string
Standard_D4_v2
  • string
Standard_D4_v2_Promo
  • string
Standard_D4_v3
  • string
Standard_D4s_v3
  • string
Standard_D5_v2
  • string
Standard_D5_v2_Promo
  • string
Standard_D64_v3
  • string
Standard_D64s_v3
  • string
Standard_D8_v3
  • string
Standard_D8s_v3
  • string
Standard_DS1
  • string
Standard_DS11
  • string
Standard_DS11_v2
  • string
Standard_DS11_v2_Promo
  • string
Standard_DS12
  • string
Standard_DS12_v2
  • string
Standard_DS12_v2_Promo
  • string
Standard_DS13
  • string
Standard_DS13-2_v2
  • string
Standard_DS13-4_v2
  • string
Standard_DS13_v2
  • string
Standard_DS13_v2_Promo
  • string
Standard_DS14
  • string
Standard_DS14-4_v2
  • string
Standard_DS14-8_v2
  • string
Standard_DS14_v2
  • string
Standard_DS14_v2_Promo
  • string
Standard_DS15_v2
  • string
Standard_DS1_v2
  • string
Standard_DS2
  • string
Standard_DS2_v2
  • string
Standard_DS2_v2_Promo
  • string
Standard_DS3
  • string
Standard_DS3_v2
  • string
Standard_DS3_v2_Promo
  • string
Standard_DS4
  • string
Standard_DS4_v2
  • string
Standard_DS4_v2_Promo
  • string
Standard_DS5_v2
  • string
Standard_DS5_v2_Promo
  • string
Standard_E16_v3
  • string
Standard_E16s_v3
  • string
Standard_E2_v3
  • string
Standard_E2s_v3
  • string
Standard_E32-16s_v3
  • string
Standard_E32-8s_v3
  • string
Standard_E32_v3
  • string
Standard_E32s_v3
  • string
Standard_E4_v3
  • string
Standard_E4s_v3
  • string
Standard_E64-16s_v3
  • string
Standard_E64-32s_v3
  • string
Standard_E64_v3
  • string
Standard_E64s_v3
  • string
Standard_E8_v3
  • string
Standard_E8s_v3
  • string
Standard_F1
  • string
Standard_F16
  • string
Standard_F16s
  • string
Standard_F16s_v2
  • string
Standard_F1s
  • string
Standard_F2
  • string
Standard_F2s
  • string
Standard_F2s_v2
  • string
Standard_F32s_v2
  • string
Standard_F4
  • string
Standard_F4s
  • string
Standard_F4s_v2
  • string
Standard_F64s_v2
  • string
Standard_F72s_v2
  • string
Standard_F8
  • string
Standard_F8s
  • string
Standard_F8s_v2
  • string
Standard_G1
  • string
Standard_G2
  • string
Standard_G3
  • string
Standard_G4
  • string
Standard_G5
  • string
Standard_GS1
  • string
Standard_GS2
  • string
Standard_GS3
  • string
Standard_GS4
  • string
Standard_GS4-4
  • string
Standard_GS4-8
  • string
Standard_GS5
  • string
Standard_GS5-16
  • string
Standard_GS5-8
  • string
Standard_H16
  • string
Standard_H16m
  • string
Standard_H16mr
  • string
Standard_H16r
  • string
Standard_H8
  • string
Standard_H8m
  • string
Standard_L16s
  • string
Standard_L32s
  • string
Standard_L4s
  • string
Standard_L8s
  • string
Standard_M128-32ms
  • string
Standard_M128-64ms
  • string
Standard_M128ms
  • string
Standard_M128s
  • string
Standard_M64-16ms
  • string
Standard_M64-32ms
  • string
Standard_M64ms
  • string
Standard_M64s
  • string
Standard_NC12
  • string
Standard_NC12s_v2
  • string
Standard_NC12s_v3
  • string
Standard_NC24
  • string
Standard_NC24r
  • string
Standard_NC24rs_v2
  • string
Standard_NC24rs_v3
  • string
Standard_NC24s_v2
  • string
Standard_NC24s_v3
  • string
Standard_NC6
  • string
Standard_NC6s_v2
  • string
Standard_NC6s_v3
  • string
Standard_ND12s
  • string
Standard_ND24rs
  • string
Standard_ND24s
  • string
Standard_ND6s
  • string
Standard_NV12
  • string
Standard_NV24
  • string
Standard_NV6
  • string

Identity

Information of user assigned identity used by this add-on.

Name Type Description
clientId
  • string

The client id of the user assigned identity.

objectId
  • string

The object id of the user assigned identity.

resourceId
  • string

The resource id of the user assigned identity.

loadBalancerSku

The load balancer sku for the managed cluster.

Name Type Description
basic
  • string
standard
  • string

ManagedCluster

Managed cluster.

Name Type Description
id
  • string

Resource Id

identity

The identity of the managed cluster, if configured.

location
  • string

Resource location

name
  • string

Resource name

properties.aadProfile

Profile of Azure Active Directory configuration.

properties.addonProfiles

Profile of managed cluster add-on.

properties.agentPoolProfiles

Properties of the agent pool.

properties.apiServerAccessProfile

Access profile for managed cluster API server.

properties.autoScalerProfile

Parameters to be applied to the cluster-autoscaler when enabled

properties.diskEncryptionSetID
  • string

ResourceId of the disk encryption set to use for enabling encryption at rest.

properties.dnsPrefix
  • string

DNS prefix specified when creating the managed cluster.

properties.enablePodSecurityPolicy
  • boolean

(PREVIEW) Whether to enable Kubernetes Pod security policy.

properties.enableRBAC
  • boolean

Whether to enable Kubernetes Role-Based Access Control.

properties.fqdn
  • string

FQDN for the master pool.

properties.identityProfile

Identities associated with the cluster.

properties.kubernetesVersion
  • string

Version of Kubernetes specified when creating the managed cluster.

properties.linuxProfile

Profile for Linux VMs in the container service cluster.

properties.maxAgentPools
  • integer

The max number of agent pools for the managed cluster.

properties.networkProfile

Profile of network configuration.

properties.nodeResourceGroup
  • string

Name of the resource group containing agent pool nodes.

properties.privateFQDN
  • string

FQDN of private cluster.

properties.provisioningState
  • string

The current deployment or provisioning state, which only appears in the response.

properties.servicePrincipalProfile

Information about a service principal identity for the cluster to use for manipulating Azure APIs.

properties.windowsProfile

Profile for Windows VMs in the container service cluster.

sku

The managed cluster SKU.

tags
  • object

Resource tags

type
  • string

Resource type

ManagedClusterAADProfile

AADProfile specifies attributes for Azure Active Directory integration.

Name Type Description
adminGroupObjectIDs
  • string[]

AAD group object IDs that will have admin role of the cluster.

clientAppID
  • string

The client AAD application ID.

enableAzureRBAC
  • boolean

Whether to enable Azure RBAC for Kubernetes authorization.

managed
  • boolean

Whether to enable managed AAD.

serverAppID
  • string

The server AAD application ID.

serverAppSecret
  • string

The server AAD application secret.

tenantID
  • string

The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.

ManagedClusterAddonProfile

A Kubernetes add-on profile for a managed cluster.

Name Type Description
config
  • object

Key-value pairs for configuring an add-on.

enabled
  • boolean

Whether the add-on is enabled or not.

identity

Information of user assigned identity used by this add-on.

ManagedClusterAgentPoolProfile

Profile for the container service agent pool.

Name Type Description
availabilityZones
  • string[]

Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.

count
  • integer

Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.

enableAutoScaling
  • boolean

Whether to enable auto-scaler

enableNodePublicIP
  • boolean

Enable public IP for nodes

maxCount
  • integer

Maximum number of nodes for auto-scaling

maxPods
  • integer

Maximum number of pods that can run on a node.

minCount
  • integer

Minimum number of nodes for auto-scaling

mode

AgentPoolMode represents mode of an agent pool

name
  • string

Unique name of the agent pool profile in the context of the subscription and resource group.

nodeImageVersion
  • string

Version of node image

nodeLabels
  • object

Agent pool node labels to be persisted across all nodes in agent pool.

nodeTaints
  • string[]

Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.

orchestratorVersion
  • string

Version of orchestrator specified when creating the managed cluster.

osDiskSizeGB
  • integer

OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.

osType

OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.

provisioningState
  • string

The current deployment or provisioning state, which only appears in the response.

proximityPlacementGroupID
  • string

The ID for Proximity Placement Group.

scaleSetEvictionPolicy

ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.

scaleSetPriority

ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.

spotMaxPrice
  • number

SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.

tags
  • object

Agent pool tags to be persisted on the agent pool virtual machine scale set.

type

AgentPoolType represents types of an agent pool

upgradeSettings

Settings for upgrading the agentpool

vmSize

Size of agent VMs.

vnetSubnetID
  • string

VNet SubnetID specifies the VNet's subnet identifier.

ManagedClusterAPIServerAccessProfile

Access profile for managed cluster API server.

Name Type Description
authorizedIPRanges
  • string[]

Authorized IP Ranges to kubernetes API server.

enablePrivateCluster
  • boolean

Whether to create the cluster as a private cluster or not.

ManagedClusterIdentity

Identity for the managed cluster.

Name Type Description
principalId
  • string

The principal id of the system assigned identity which is used by master components.

tenantId
  • string

The tenant id of the system assigned identity which is used by master components.

type

The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.

userAssignedIdentities

The user identity associated with the managed cluster. This identity will be used in control plane and only one user assigned identity is allowed. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

ManagedClusterLoadBalancerProfile

Profile of the managed cluster load balancer.

Name Type Description
allocatedOutboundPorts
  • integer

Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.

effectiveOutboundIPs

The effective outbound IP resources of the cluster load balancer.

idleTimeoutInMinutes
  • integer

Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.

managedOutboundIPs

Desired managed outbound IPs for the cluster load balancer.

outboundIPPrefixes

Desired outbound IP Prefix resources for the cluster load balancer.

outboundIPs

Desired outbound IP resources for the cluster load balancer.

ManagedClusterServicePrincipalProfile

Information about a service principal identity for the cluster to use for manipulating Azure APIs.

Name Type Description
clientId
  • string

The ID for the service principal.

secret
  • string

The secret password associated with the service principal in plain text.

ManagedClusterSKU

Name Type Description
name

Name of a managed cluster SKU.

tier

Tier of a managed cluster SKU.

ManagedClusterSKUName

Name of a managed cluster SKU.

Name Type Description
Basic
  • string

ManagedClusterSKUTier

Tier of a managed cluster SKU.

Name Type Description
Free
  • string
Paid
  • string

ManagedClusterWindowsProfile

Profile for Windows VMs in the container service cluster.

Name Type Description
adminPassword
  • string

The administrator password to use for Windows VMs.

adminUsername
  • string

The administrator username to use for Windows VMs.

ManagedOutboundIPs

Desired managed outbound IPs for the cluster load balancer.

Name Type Description
count
  • integer

Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.

networkMode

Network mode used for building Kubernetes network.

Name Type Description
bridge
  • string
transparent
  • string

NetworkPlugin

Network plugin used for building Kubernetes network.

Name Type Description
azure
  • string
kubenet
  • string

NetworkPolicy

Network policy used for building Kubernetes network.

Name Type Description
azure
  • string
calico
  • string

OSType

OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.

Name Type Description
Linux
  • string
Windows
  • string

OutboundIPPrefixes

Desired outbound IP Prefix resources for the cluster load balancer.

Name Type Description
publicIPPrefixes

A list of public IP prefix resources.

OutboundIPs

Desired outbound IP resources for the cluster load balancer.

Name Type Description
publicIPs

A list of public IP resources.

outboundType

The outbound (egress) routing method.

Name Type Description
loadBalancer
  • string
userDefinedRouting
  • string

ResourceIdentityType

The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.

Name Type Description
None
  • string
SystemAssigned
  • string
UserAssigned
  • string

ResourceReference

A reference to an Azure resource.

Name Type Description
id
  • string

The fully qualified Azure resource id.

ScaleSetEvictionPolicy

ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.

Name Type Description
Deallocate
  • string
Delete
  • string

ScaleSetPriority

ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.

Name Type Description
Regular
  • string
Spot
  • string

UserAssignedIdentities

The user identity associated with the managed cluster. This identity will be used in control plane and only one user assigned identity is allowed. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

Name Type Description