Managed Clusters - Create Or Update

Creates or updates a managed cluster.
Creates or updates a managed cluster with the specified configuration for agents and Kubernetes version.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}?api-version=2019-04-01

URI Parameters

Name In Required Type Description
subscriptionId
path True
  • string

Subscription credentials which uniquely identify Microsoft Azure subscription. The subscription ID forms part of the URI for every service call.

resourceGroupName
path True
  • string

The name of the resource group.

resourceName
path True
  • string

The name of the managed cluster resource.

Regex pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$

api-version
query True
  • string

Client Api Version.

Request Body

Name Required Type Description
identity

The identity of the managed cluster, if configured.

location True
  • string

Resource location

properties.aadProfile

Profile of Azure Active Directory configuration.

properties.addonProfiles

Profile of managed cluster add-on.

properties.agentPoolProfiles

Properties of the agent pool.

properties.apiServerAuthorizedIPRanges
  • string[]

(PREVIEW) Authorized IP Ranges to kubernetes API server.

properties.dnsPrefix
  • string

DNS prefix specified when creating the managed cluster.

properties.enablePodSecurityPolicy
  • boolean

(PREVIEW) Whether to enable Kubernetes Pod security policy.

properties.enableRBAC
  • boolean

Whether to enable Kubernetes Role-Based Access Control.

properties.kubernetesVersion
  • string

Version of Kubernetes specified when creating the managed cluster.

properties.linuxProfile

Profile for Linux VMs in the container service cluster.

properties.networkProfile

Profile of network configuration.

properties.nodeResourceGroup
  • string

Name of the resource group containing agent pool nodes.

properties.servicePrincipalProfile

Information about a service principal identity for the cluster to use for manipulating Azure APIs.

properties.windowsProfile

Profile for Windows VMs in the container service cluster.

tags
  • object

Resource tags

Responses

Name Type Description
200 OK

OK

201 Created

Created

Other Status Codes

Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

Create/Update Managed Cluster

Sample Request

PUT https://management.azure.com/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2019-04-01
{
  "location": "location1",
  "tags": {
    "tier": "production",
    "archv2": ""
  },
  "properties": {
    "kubernetesVersion": "",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "osType": "Linux"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "networkProfile": {
      "loadBalancerSku": "basic"
    },
    "windowsProfile": {
      "adminUsername": "azureuser",
      "adminPassword": "replacePassword1234$"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid",
      "secret": "secret"
    },
    "addonProfiles": {},
    "enableRBAC": true,
    "enablePodSecurityPolicy": true
  }
}

Sample Response

{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Succeeded",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Succeeded",
        "orchestratorVersion": "1.9.6"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "enablePodSecurityPolicy": true,
    "fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
    "networkProfile": {
      "loadBalancerSku": "basic",
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16"
    }
  }
}
{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Creating",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Creating",
        "orchestratorVersion": "1.9.6"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "enablePodSecurityPolicy": true,
    "networkProfile": {
      "loadBalancerSku": "basic",
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16"
    }
  }
}

Definitions

AgentPoolType

AgentPoolType represents types of an agent pool. VirtualMachineScaleSets type is still in PREVIEW.

CloudError

An error response from the Container service.

CloudErrorBody

An error response from the Container service.

ContainerServiceLinuxProfile

Profile for Linux VMs in the container service cluster.

ContainerServiceNetworkProfile

Profile of network configuration.

ContainerServiceSshConfiguration

SSH configuration for Linux-based VMs running on Azure.

ContainerServiceSshPublicKey

Contains information about SSH certificate public key data.

ContainerServiceVMSizeTypes

Size of agent VMs.

loadBalancerSku

The load balancer sku for the managed cluster.

ManagedCluster

Managed cluster.

ManagedClusterAADProfile

AADProfile specifies attributes for Azure Active Directory integration.

ManagedClusterAddonProfile

A Kubernetes add-on profile for a managed cluster.

ManagedClusterAgentPoolProfile

Profile for the container service agent pool.

ManagedClusterIdentity

Identity for the managed cluster.

ManagedClusterServicePrincipalProfile

Information about a service principal identity for the cluster to use for manipulating Azure APIs.

ManagedClusterWindowsProfile

Profile for Windows VMs in the container service cluster.

NetworkPlugin

Network plugin used for building Kubernetes network.

NetworkPolicy

Network policy used for building Kubernetes network.

OSType

OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.

ResourceIdentityType

The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.

AgentPoolType

AgentPoolType represents types of an agent pool. VirtualMachineScaleSets type is still in PREVIEW.

Name Type Description
AvailabilitySet
  • string
VirtualMachineScaleSets
  • string

CloudError

An error response from the Container service.

Name Type Description
error

Details about the error.

CloudErrorBody

An error response from the Container service.

Name Type Description
code
  • string

An identifier for the error. Codes are invariant and are intended to be consumed programmatically.

details

A list of additional details about the error.

message
  • string

A message describing the error, intended to be suitable for display in a user interface.

target
  • string

The target of the particular error. For example, the name of the property in error.

ContainerServiceLinuxProfile

Profile for Linux VMs in the container service cluster.

Name Type Description
adminUsername
  • string

The administrator username to use for Linux VMs.

ssh

SSH configuration for Linux-based VMs running on Azure.

ContainerServiceNetworkProfile

Profile of network configuration.

Name Type Description
dnsServiceIP
  • string

An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.

dockerBridgeCidr
  • string

A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.

loadBalancerSku

The load balancer sku for the managed cluster.

networkPlugin

Network plugin used for building Kubernetes network.

networkPolicy

Network policy used for building Kubernetes network.

podCidr
  • string

A CIDR notation IP range from which to assign pod IPs when kubenet is used.

serviceCidr
  • string

A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.

ContainerServiceSshConfiguration

SSH configuration for Linux-based VMs running on Azure.

Name Type Description
publicKeys

The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.

ContainerServiceSshPublicKey

Contains information about SSH certificate public key data.

Name Type Description
keyData
  • string

Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.

ContainerServiceVMSizeTypes

Size of agent VMs.

Name Type Description
Standard_A1
  • string
Standard_A10
  • string
Standard_A11
  • string
Standard_A1_v2
  • string
Standard_A2
  • string
Standard_A2_v2
  • string
Standard_A2m_v2
  • string
Standard_A3
  • string
Standard_A4
  • string
Standard_A4_v2
  • string
Standard_A4m_v2
  • string
Standard_A5
  • string
Standard_A6
  • string
Standard_A7
  • string
Standard_A8
  • string
Standard_A8_v2
  • string
Standard_A8m_v2
  • string
Standard_A9
  • string
Standard_B2ms
  • string
Standard_B2s
  • string
Standard_B4ms
  • string
Standard_B8ms
  • string
Standard_D1
  • string
Standard_D11
  • string
Standard_D11_v2
  • string
Standard_D11_v2_Promo
  • string
Standard_D12
  • string
Standard_D12_v2
  • string
Standard_D12_v2_Promo
  • string
Standard_D13
  • string
Standard_D13_v2
  • string
Standard_D13_v2_Promo
  • string
Standard_D14
  • string
Standard_D14_v2
  • string
Standard_D14_v2_Promo
  • string
Standard_D15_v2
  • string
Standard_D16_v3
  • string
Standard_D16s_v3
  • string
Standard_D1_v2
  • string
Standard_D2
  • string
Standard_D2_v2
  • string
Standard_D2_v2_Promo
  • string
Standard_D2_v3
  • string
Standard_D2s_v3
  • string
Standard_D3
  • string
Standard_D32_v3
  • string
Standard_D32s_v3
  • string
Standard_D3_v2
  • string
Standard_D3_v2_Promo
  • string
Standard_D4
  • string
Standard_D4_v2
  • string
Standard_D4_v2_Promo
  • string
Standard_D4_v3
  • string
Standard_D4s_v3
  • string
Standard_D5_v2
  • string
Standard_D5_v2_Promo
  • string
Standard_D64_v3
  • string
Standard_D64s_v3
  • string
Standard_D8_v3
  • string
Standard_D8s_v3
  • string
Standard_DS1
  • string
Standard_DS11
  • string
Standard_DS11_v2
  • string
Standard_DS11_v2_Promo
  • string
Standard_DS12
  • string
Standard_DS12_v2
  • string
Standard_DS12_v2_Promo
  • string
Standard_DS13
  • string
Standard_DS13-2_v2
  • string
Standard_DS13-4_v2
  • string
Standard_DS13_v2
  • string
Standard_DS13_v2_Promo
  • string
Standard_DS14
  • string
Standard_DS14-4_v2
  • string
Standard_DS14-8_v2
  • string
Standard_DS14_v2
  • string
Standard_DS14_v2_Promo
  • string
Standard_DS15_v2
  • string
Standard_DS1_v2
  • string
Standard_DS2
  • string
Standard_DS2_v2
  • string
Standard_DS2_v2_Promo
  • string
Standard_DS3
  • string
Standard_DS3_v2
  • string
Standard_DS3_v2_Promo
  • string
Standard_DS4
  • string
Standard_DS4_v2
  • string
Standard_DS4_v2_Promo
  • string
Standard_DS5_v2
  • string
Standard_DS5_v2_Promo
  • string
Standard_E16_v3
  • string
Standard_E16s_v3
  • string
Standard_E2_v3
  • string
Standard_E2s_v3
  • string
Standard_E32-16s_v3
  • string
Standard_E32-8s_v3
  • string
Standard_E32_v3
  • string
Standard_E32s_v3
  • string
Standard_E4_v3
  • string
Standard_E4s_v3
  • string
Standard_E64-16s_v3
  • string
Standard_E64-32s_v3
  • string
Standard_E64_v3
  • string
Standard_E64s_v3
  • string
Standard_E8_v3
  • string
Standard_E8s_v3
  • string
Standard_F1
  • string
Standard_F16
  • string
Standard_F16s
  • string
Standard_F16s_v2
  • string
Standard_F1s
  • string
Standard_F2
  • string
Standard_F2s
  • string
Standard_F2s_v2
  • string
Standard_F32s_v2
  • string
Standard_F4
  • string
Standard_F4s
  • string
Standard_F4s_v2
  • string
Standard_F64s_v2
  • string
Standard_F72s_v2
  • string
Standard_F8
  • string
Standard_F8s
  • string
Standard_F8s_v2
  • string
Standard_G1
  • string
Standard_G2
  • string
Standard_G3
  • string
Standard_G4
  • string
Standard_G5
  • string
Standard_GS1
  • string
Standard_GS2
  • string
Standard_GS3
  • string
Standard_GS4
  • string
Standard_GS4-4
  • string
Standard_GS4-8
  • string
Standard_GS5
  • string
Standard_GS5-16
  • string
Standard_GS5-8
  • string
Standard_H16
  • string
Standard_H16m
  • string
Standard_H16mr
  • string
Standard_H16r
  • string
Standard_H8
  • string
Standard_H8m
  • string
Standard_L16s
  • string
Standard_L32s
  • string
Standard_L4s
  • string
Standard_L8s
  • string
Standard_M128-32ms
  • string
Standard_M128-64ms
  • string
Standard_M128ms
  • string
Standard_M128s
  • string
Standard_M64-16ms
  • string
Standard_M64-32ms
  • string
Standard_M64ms
  • string
Standard_M64s
  • string
Standard_NC12
  • string
Standard_NC12s_v2
  • string
Standard_NC12s_v3
  • string
Standard_NC24
  • string
Standard_NC24r
  • string
Standard_NC24rs_v2
  • string
Standard_NC24rs_v3
  • string
Standard_NC24s_v2
  • string
Standard_NC24s_v3
  • string
Standard_NC6
  • string
Standard_NC6s_v2
  • string
Standard_NC6s_v3
  • string
Standard_ND12s
  • string
Standard_ND24rs
  • string
Standard_ND24s
  • string
Standard_ND6s
  • string
Standard_NV12
  • string
Standard_NV24
  • string
Standard_NV6
  • string

loadBalancerSku

The load balancer sku for the managed cluster.

Name Type Description
basic
  • string
standard
  • string

ManagedCluster

Managed cluster.

Name Type Description
id
  • string

Resource Id

identity

The identity of the managed cluster, if configured.

location
  • string

Resource location

name
  • string

Resource name

properties.aadProfile

Profile of Azure Active Directory configuration.

properties.addonProfiles

Profile of managed cluster add-on.

properties.agentPoolProfiles

Properties of the agent pool.

properties.apiServerAuthorizedIPRanges
  • string[]

(PREVIEW) Authorized IP Ranges to kubernetes API server.

properties.dnsPrefix
  • string

DNS prefix specified when creating the managed cluster.

properties.enablePodSecurityPolicy
  • boolean

(PREVIEW) Whether to enable Kubernetes Pod security policy.

properties.enableRBAC
  • boolean

Whether to enable Kubernetes Role-Based Access Control.

properties.fqdn
  • string

FQDN for the master pool.

properties.kubernetesVersion
  • string

Version of Kubernetes specified when creating the managed cluster.

properties.linuxProfile

Profile for Linux VMs in the container service cluster.

properties.maxAgentPools
  • integer

The max number of agent pools for the managed cluster.

properties.networkProfile

Profile of network configuration.

properties.nodeResourceGroup
  • string

Name of the resource group containing agent pool nodes.

properties.provisioningState
  • string

The current deployment or provisioning state, which only appears in the response.

properties.servicePrincipalProfile

Information about a service principal identity for the cluster to use for manipulating Azure APIs.

properties.windowsProfile

Profile for Windows VMs in the container service cluster.

tags
  • object

Resource tags

type
  • string

Resource type

ManagedClusterAADProfile

AADProfile specifies attributes for Azure Active Directory integration.

Name Type Description
clientAppID
  • string

The client AAD application ID.

serverAppID
  • string

The server AAD application ID.

serverAppSecret
  • string

The server AAD application secret.

tenantID
  • string

The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.

ManagedClusterAddonProfile

A Kubernetes add-on profile for a managed cluster.

Name Type Description
config
  • object

Key-value pairs for configuring an add-on.

enabled
  • boolean

Whether the add-on is enabled or not.

ManagedClusterAgentPoolProfile

Profile for the container service agent pool.

Name Type Description
availabilityZones
  • string[]

(PREVIEW) Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.

count
  • integer

Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.

enableAutoScaling
  • boolean

Whether to enable auto-scaler

maxCount
  • integer

Maximum number of nodes for auto-scaling

maxPods
  • integer

Maximum number of pods that can run on a node.

minCount
  • integer

Minimum number of nodes for auto-scaling

name
  • string

Unique name of the agent pool profile in the context of the subscription and resource group.

orchestratorVersion
  • string

Version of orchestrator specified when creating the managed cluster.

osDiskSizeGB
  • integer

OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.

osType

OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.

provisioningState
  • string

The current deployment or provisioning state, which only appears in the response.

type

AgentPoolType represents types of an agent pool

vmSize

Size of agent VMs.

vnetSubnetID
  • string

VNet SubnetID specifies the VNet's subnet identifier.

ManagedClusterIdentity

Identity for the managed cluster.

Name Type Description
principalId
  • string

The principal id of the system assigned identity which is used by master components.

tenantId
  • string

The tenant id of the system assigned identity which is used by master components.

type

The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.

ManagedClusterServicePrincipalProfile

Information about a service principal identity for the cluster to use for manipulating Azure APIs.

Name Type Description
clientId
  • string

The ID for the service principal.

secret
  • string

The secret password associated with the service principal in plain text.

ManagedClusterWindowsProfile

Profile for Windows VMs in the container service cluster.

Name Type Description
adminPassword
  • string

The administrator password to use for Windows VMs.

adminUsername
  • string

The administrator username to use for Windows VMs.

NetworkPlugin

Network plugin used for building Kubernetes network.

Name Type Description
azure
  • string
kubenet
  • string

NetworkPolicy

Network policy used for building Kubernetes network.

Name Type Description
azure
  • string
calico
  • string

OSType

OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.

Name Type Description
Linux
  • string
Windows
  • string

ResourceIdentityType

The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.

Name Type Description
None
  • string
SystemAssigned
  • string