Packages:

infrastructure.cluster.x-k8s.io/v1beta1

Resource Types:

    AADProfile

    (Appears on:AzureManagedControlPlaneClassSpec)

    AADProfile - AAD integration managed by AKS. See also AKS doc.

    Field Description
    managed
    bool

    Managed - Whether to enable managed AAD.

    adminGroupObjectIDs
    []string

    AdminGroupObjectIDs - AAD group object IDs that will have admin role of the cluster.

    AKSAssignedIdentity (string alias)

    (Appears on:AKSExtension)

    AKSAssignedIdentity defines the AKS assigned-identity of the aks marketplace extension, if configured.

    Value Description

    "SystemAssigned"

    AKSAssignedIdentitySystemAssigned …

    "UserAssigned"

    AKSAssignedIdentityUserAssigned …

    AKSExtension

    (Appears on:AzureManagedControlPlaneClassSpec)

    AKSExtension represents the configuration for an AKS cluster extension. See also AKS doc.

    Field Description
    name
    string

    Name is the name of the extension.

    aksAssignedIdentityType
    AKSAssignedIdentity
    (Optional)

    AKSAssignedIdentityType is the type of the AKS assigned identity.

    autoUpgradeMinorVersion
    bool
    (Optional)

    AutoUpgradeMinorVersion is a flag to note if this extension participates in auto upgrade of minor version, or not.

    configurationSettings
    map[string]string
    (Optional)

    ConfigurationSettings are the name-value pairs for configuring this extension.

    extensionType
    string

    ExtensionType is the type of the Extension of which this resource is an instance. It must be one of the Extension Types registered with Microsoft.KubernetesConfiguration by the Extension publisher.

    plan
    ExtensionPlan
    (Optional)

    Plan is the plan of the extension.

    releaseTrain
    string
    (Optional)

    ReleaseTrain is the release train this extension participates in for auto-upgrade (e.g. Stable, Preview, etc.). This is only used if autoUpgradeMinorVersion is ‘true’.

    scope
    ExtensionScope
    (Optional)

    Scope is the scope at which this extension is enabled.

    version
    string
    (Optional)

    Version is the version of the extension.

    identity
    ExtensionIdentity
    (Optional)

    Identity is the identity type of the Extension resource in an AKS cluster.

    AKSSku

    (Appears on:AzureManagedControlPlaneClassSpec)

    AKSSku - AKS SKU.

    Field Description
    tier
    AzureManagedControlPlaneSkuTier

    Tier - Tier of an AKS cluster.

    APIServerAccessProfile

    (Appears on:AzureManagedControlPlaneClassSpec)

    APIServerAccessProfile tunes the accessibility of the cluster’s control plane. See also AKS doc.

    Field Description
    authorizedIPRanges
    []string
    (Optional)

    AuthorizedIPRanges - Authorized IP Ranges to kubernetes API server.

    APIServerAccessProfileClassSpec
    APIServerAccessProfileClassSpec

    (Members of APIServerAccessProfileClassSpec are embedded into this type.)

    APIServerAccessProfileClassSpec

    (Appears on:APIServerAccessProfile)

    APIServerAccessProfileClassSpec defines the APIServerAccessProfile properties that may be shared across several API server access profiles.

    Field Description
    enablePrivateCluster
    bool
    (Optional)

    EnablePrivateCluster indicates whether to create the cluster as a private cluster or not.

    privateDNSZone
    string
    (Optional)

    PrivateDNSZone enables private dns zone mode for private cluster.

    enablePrivateClusterPublicFQDN
    bool
    (Optional)

    EnablePrivateClusterPublicFQDN indicates whether to create additional public FQDN for private cluster or not.

    AdditionalCapabilities

    (Appears on:AzureMachineSpec)

    AdditionalCapabilities enables or disables a capability on the virtual machine.

    Field Description
    ultraSSDEnabled
    bool
    (Optional)

    UltraSSDEnabled enables or disables Azure UltraSSD capability for the virtual machine. Defaults to true if Ultra SSD data disks are specified, otherwise it doesn’t set the capability on the VM.

    AddonProfile

    (Appears on:AzureManagedControlPlaneClassSpec)

    AddonProfile represents a managed cluster add-on.

    Field Description
    name
    string

    Name - The name of the managed cluster add-on.

    config
    map[string]string
    (Optional)

    Config - Key-value pairs for configuring the add-on.

    enabled
    bool

    Enabled - Whether the add-on is enabled or not.

    AddressRecord

    AddressRecord specifies a DNS record mapping a hostname to an IPv4 or IPv6 address.

    Field Description
    Hostname
    string
    IP
    string

    AllowedNamespaces

    (Appears on:AzureClusterIdentitySpec)

    AllowedNamespaces defines the namespaces the clusters are allowed to use the identity from. NamespaceList takes precedence over the Selector.

    Field Description
    list
    []string
    (Optional)

    A nil or empty list indicates that AzureCluster cannot use the identity from any namespace.

    selector
    Kubernetes meta/v1.LabelSelector
    (Optional)

    Selector is a selector of namespaces that AzureCluster can use this Identity from. This is a standard Kubernetes LabelSelector, a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed.

    A nil or empty selector indicates that AzureCluster cannot use this AzureClusterIdentity from any namespace.

    AutoScalerProfile

    (Appears on:AzureManagedControlPlaneClassSpec)

    AutoScalerProfile parameters to be applied to the cluster-autoscaler. See also AKS doc, K8s doc.

    Field Description
    balanceSimilarNodeGroups
    BalanceSimilarNodeGroups
    (Optional)

    BalanceSimilarNodeGroups - Valid values are ‘true’ and ‘false’. The default is false.

    expander
    Expander
    (Optional)

    Expander - If not specified, the default is ‘random’. See expanders for more information.

    maxEmptyBulkDelete
    string
    (Optional)

    MaxEmptyBulkDelete - The default is 10.

    maxGracefulTerminationSec
    string
    (Optional)

    MaxGracefulTerminationSec - The default is 600.

    maxNodeProvisionTime
    string
    (Optional)

    MaxNodeProvisionTime - The default is ‘15m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    maxTotalUnreadyPercentage
    string
    (Optional)

    MaxTotalUnreadyPercentage - The default is 45. The maximum is 100 and the minimum is 0.

    newPodScaleUpDelay
    string
    (Optional)

    NewPodScaleUpDelay - For scenarios like burst/batch scale where you don’t want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they’re a certain age. The default is ‘0s’. Values must be an integer followed by a unit (’s’ for seconds, ’m’ for minutes, ‘h’ for hours, etc).

    okTotalUnreadyCount
    string
    (Optional)

    OkTotalUnreadyCount - This must be an integer. The default is 3.

    scanInterval
    string
    (Optional)

    ScanInterval - How often cluster is reevaluated for scale up or down. The default is ‘10s’.

    scaleDownDelayAfterAdd
    string
    (Optional)

    ScaleDownDelayAfterAdd - The default is ‘10m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scaleDownDelayAfterDelete
    string
    (Optional)

    ScaleDownDelayAfterDelete - The default is the scan-interval. Values must be an integer followed by an ’s’. No unit of time other than seconds (s) is supported.

    scaleDownDelayAfterFailure
    string
    (Optional)

    ScaleDownDelayAfterFailure - The default is ‘3m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scaleDownUnneededTime
    string
    (Optional)

    ScaleDownUnneededTime - The default is ‘10m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scaleDownUnreadyTime
    string
    (Optional)

    ScaleDownUnreadyTime - The default is ‘20m’. Values must be an integer followed by an ’m’. No unit of time other than minutes (m) is supported.

    scaleDownUtilizationThreshold
    string
    (Optional)

    ScaleDownUtilizationThreshold - The default is ‘0.5’.

    skipNodesWithLocalStorage
    SkipNodesWithLocalStorage
    (Optional)

    SkipNodesWithLocalStorage - The default is false.

    skipNodesWithSystemPods
    SkipNodesWithSystemPods
    (Optional)

    SkipNodesWithSystemPods - The default is true.

    AzureBastion

    (Appears on:BastionSpec)

    AzureBastion specifies how the Azure Bastion cloud component should be configured.

    Field Description
    name
    string
    (Optional)
    subnet
    SubnetSpec
    (Optional)
    publicIP
    PublicIPSpec
    (Optional)
    sku
    BastionHostSkuName
    (Optional)

    BastionHostSkuName configures the tier of the Azure Bastion Host. Can be either Basic or Standard. Defaults to Basic.

    enableTunneling
    bool
    (Optional)

    EnableTunneling enables the native client support feature for the Azure Bastion Host. Defaults to false.

    AzureBastionTemplateSpec

    (Appears on:BastionTemplateSpec)

    AzureBastionTemplateSpec specifies a template for an Azure Bastion host.

    Field Description
    subnet
    SubnetTemplateSpec
    (Optional)

    AzureCluster

    AzureCluster is the Schema for the azureclusters API.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    AzureClusterSpec


    AzureClusterClassSpec
    AzureClusterClassSpec

    (Members of AzureClusterClassSpec are embedded into this type.)

    networkSpec
    NetworkSpec
    (Optional)

    NetworkSpec encapsulates all things related to Azure network.

    resourceGroup
    string
    (Optional)
    bastionSpec
    BastionSpec
    (Optional)

    BastionSpec encapsulates all things related to the Bastions in the cluster.

    controlPlaneEndpoint
    sigs.k8s.io/cluster-api/api/v1beta1.APIEndpoint
    (Optional)

    ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. It is not recommended to set this when creating an AzureCluster as CAPZ will set this for you. However, if it is set, CAPZ will not change it.

    status
    AzureClusterStatus

    AzureClusterClassSpec

    (Appears on:AzureClusterSpec, AzureClusterTemplateResourceSpec)

    AzureClusterClassSpec defines the AzureCluster properties that may be shared across several Azure clusters.

    Field Description
    subscriptionID
    string
    (Optional)
    location
    string
    extendedLocation
    ExtendedLocationSpec
    (Optional)

    ExtendedLocation is an optional set of ExtendedLocation properties for clusters on Azure public MEC.

    additionalTags
    Tags
    (Optional)

    AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the ones added by default.

    identityRef
    Kubernetes core/v1.ObjectReference
    (Optional)

    IdentityRef is a reference to an AzureIdentity to be used when reconciling this cluster

    azureEnvironment
    string
    (Optional)

    AzureEnvironment is the name of the AzureCloud to be used. The default value that would be used by most users is “AzurePublicCloud”, other values are:

    - ChinaCloud: “AzureChinaCloud”
    - GermanCloud: “AzureGermanCloud”
    - PublicCloud: “AzurePublicCloud”
    - USGovernmentCloud: “AzureUSGovernmentCloud”

    Note that values other than the default must also be accompanied by corresponding changes to the aso-controller-settings Secret to configure ASO to refer to the non-Public cloud. ASO currently does not support referring to multiple different clouds in a single installation. The following fields must be defined in the Secret:

    - AZURE_AUTHORITY_HOST
    - AZURE_RESOURCE_MANAGER_ENDPOINT
    - AZURE_RESOURCE_MANAGER_AUDIENCE

    See the ASO docs for more details.

    cloudProviderConfigOverrides
    CloudProviderConfigOverrides
    (Optional)

    CloudProviderConfigOverrides is an optional set of configuration values that can be overridden in azure cloud provider config. This is only a subset of options that are available in azure cloud provider config. Some values for the cloud provider config are inferred from other parts of cluster api provider azure spec, and may not be available for overrides. See: https://cloud-provider-azure.sigs.k8s.io/install/configs

    Note: All cloud provider config values can be customized by creating the secret beforehand. CloudProviderConfigOverrides is only used when the secret is managed by the Azure Provider.

    failureDomains
    sigs.k8s.io/cluster-api/api/v1beta1.FailureDomains
    (Optional)

    FailureDomains is a list of failure domains in the cluster’s region, used to restrict eligibility to host the control plane. A FailureDomain maps to an availability zone, which is a separated group of datacenters within a region. See: https://learn.microsoft.com/azure/reliability/availability-zones-overview

    AzureClusterIdentity

    AzureClusterIdentity is the Schema for the azureclustersidentities API.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    AzureClusterIdentitySpec


    type
    IdentityType

    Type is the type of Azure Identity used. ServicePrincipal, ServicePrincipalCertificate, UserAssignedMSI, ManualServicePrincipal or WorkloadIdentity.

    resourceID
    string
    (Optional)

    ResourceID is the Azure resource ID for the User Assigned MSI resource. Only applicable when type is UserAssignedMSI.

    Deprecated: This field no longer has any effect.

    clientID
    string

    ClientID is the service principal client ID. Both User Assigned MSI and SP can use this field.

    clientSecret
    Kubernetes core/v1.SecretReference
    (Optional)

    ClientSecret is a secret reference which should contain either a Service Principal password or certificate secret.

    tenantID
    string

    TenantID is the service principal primary tenant id.

    allowedNamespaces
    AllowedNamespaces
    (Optional)

    AllowedNamespaces is used to identify the namespaces the clusters are allowed to use the identity from. Namespaces can be selected either using an array of namespaces or with a label selector. An empty allowedNamespaces object indicates that AzureClusters can use this identity from any namespace. If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided). A namespace should be either in the NamespaceList or match with Selector to use the identity.

    status
    AzureClusterIdentityStatus

    AzureClusterIdentitySpec

    (Appears on:AzureClusterIdentity)

    AzureClusterIdentitySpec defines the parameters that are used to create an AzureIdentity.

    Field Description
    type
    IdentityType

    Type is the type of Azure Identity used. ServicePrincipal, ServicePrincipalCertificate, UserAssignedMSI, ManualServicePrincipal or WorkloadIdentity.

    resourceID
    string
    (Optional)

    ResourceID is the Azure resource ID for the User Assigned MSI resource. Only applicable when type is UserAssignedMSI.

    Deprecated: This field no longer has any effect.

    clientID
    string

    ClientID is the service principal client ID. Both User Assigned MSI and SP can use this field.

    clientSecret
    Kubernetes core/v1.SecretReference
    (Optional)

    ClientSecret is a secret reference which should contain either a Service Principal password or certificate secret.

    tenantID
    string

    TenantID is the service principal primary tenant id.

    allowedNamespaces
    AllowedNamespaces
    (Optional)

    AllowedNamespaces is used to identify the namespaces the clusters are allowed to use the identity from. Namespaces can be selected either using an array of namespaces or with a label selector. An empty allowedNamespaces object indicates that AzureClusters can use this identity from any namespace. If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided). A namespace should be either in the NamespaceList or match with Selector to use the identity.
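The nil-versus-empty behaviour of allowedNamespaces decides which namespaces can use a credential, so the following Go sketch models the rules documented above. It is an added example, not CAPZ's own code: the types are local stand-ins for the documented fields, only matchLabels is modelled, an empty object is assumed to mean no list entries and no selector, and the namespaces and labels are constructed.

```go
package main

import (
	"fmt"
	"sort"
)

// LabelSelector is a simplified stand-in for Kubernetes meta/v1.LabelSelector.
// Only matchLabels is modelled; matchExpressions is left out of this sketch.
type LabelSelector struct {
	MatchLabels map[string]string
}

// AllowedNamespaces is a local model of the two documented fields (list, selector).
type AllowedNamespaces struct {
	List     []string
	Selector *LabelSelector
}

// Namespace is a constructed sample namespace with its labels.
type Namespace struct {
	Name   string
	Labels map[string]string
}

// selectorMatches reports whether every matchLabels pair is present on the
// namespace. A nil or empty selector selects nothing, as the field docs state.
func selectorMatches(sel *LabelSelector, labels map[string]string) bool {
	if sel == nil || len(sel.MatchLabels) == 0 {
		return false
	}
	for key, want := range sel.MatchLabels {
		if got, ok := labels[key]; !ok || got != want {
			return false
		}
	}
	return true
}

// IdentityUsableFrom applies the documented rules in order:
//  1. nil allowedNamespaces (field omitted): no namespace may use the identity.
//  2. empty object (assumed: no list entries and no selector): any namespace may.
//  3. otherwise the namespace must be in the list or match the selector.
func IdentityUsableFrom(allowed *AllowedNamespaces, ns Namespace) bool {
	if allowed == nil {
		return false
	}
	if len(allowed.List) == 0 && allowed.Selector == nil {
		return true
	}
	for _, name := range allowed.List {
		if name == ns.Name {
			return true // the list is consulted before the selector
		}
	}
	return selectorMatches(allowed.Selector, ns.Labels)
}

// UsableNamespaces returns the sorted names of the namespaces that may use an
// identity, which is the question an access review of the identity asks.
func UsableNamespaces(allowed *AllowedNamespaces, all []Namespace) []string {
	out := []string{}
	for _, ns := range all {
		if IdentityUsableFrom(allowed, ns) {
			out = append(out, ns.Name)
		}
	}
	sort.Strings(out)
	return out
}

// SampleNamespaces returns constructed namespaces; the label keys are made up.
func SampleNamespaces() []Namespace {
	return []Namespace{
		{Name: "default"},
		{Name: "sandbox", Labels: map[string]string{"env": "dev"}},
		{Name: "team-a", Labels: map[string]string{"capz-identity": "shared"}},
		{Name: "team-b", Labels: map[string]string{"capz-identity": "shared", "env": "prod"}},
	}
}

func main() {
	all := SampleNamespaces()
	shared := &LabelSelector{MatchLabels: map[string]string{"capz-identity": "shared"}}
	cases := []struct {
		desc    string
		allowed *AllowedNamespaces
	}{
		{"field omitted (nil)", nil},
		{"empty object {}", &AllowedNamespaces{}},
		{"list only", &AllowedNamespaces{List: []string{"sandbox"}}},
		{"selector only", &AllowedNamespaces{Selector: shared}},
		{"list plus selector", &AllowedNamespaces{List: []string{"sandbox"}, Selector: shared}},
		{"empty selector, no list", &AllowedNamespaces{Selector: &LabelSelector{}}},
	}
	for _, c := range cases {
		fmt.Printf("%-24s -> %v\n", c.desc, UsableNamespaces(c.allowed, all))
	}
}
```

The "empty object" row is the one to look for in review: it opens the identity to every namespace, while omitting the field closes it to all of them.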

    AzureClusterIdentityStatus

    (Appears on:AzureClusterIdentity)

    AzureClusterIdentityStatus defines the observed state of AzureClusterIdentity.

    Field Description
    conditions
    sigs.k8s.io/cluster-api/api/v1beta1.Conditions
    (Optional)

    Conditions defines current service state of the AzureClusterIdentity.

    AzureClusterSpec

    (Appears on:AzureCluster)

    AzureClusterSpec defines the desired state of AzureCluster.

    Field Description
    AzureClusterClassSpec
    AzureClusterClassSpec

    (Members of AzureClusterClassSpec are embedded into this type.)

    networkSpec
    NetworkSpec
    (Optional)

    NetworkSpec encapsulates all things related to Azure network.

    resourceGroup
    string
    (Optional)
    bastionSpec
    BastionSpec
    (Optional)

    BastionSpec encapsulates all things related to the Bastions in the cluster.

    controlPlaneEndpoint
    sigs.k8s.io/cluster-api/api/v1beta1.APIEndpoint
    (Optional)

    ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. It is not recommended to set this when creating an AzureCluster as CAPZ will set this for you. However, if it is set, CAPZ will not change it.

    AzureClusterStatus

    (Appears on:AzureCluster)

    AzureClusterStatus defines the observed state of AzureCluster.

    Field Description
    failureDomains
    sigs.k8s.io/cluster-api/api/v1beta1.FailureDomains
    (Optional)

    FailureDomains specifies the list of unique failure domains for the location/region of the cluster. A FailureDomain maps to an Availability Zone within an Azure Region (if the region supports them). An Availability Zone is a separate data center within a region and they can be used to ensure the cluster is more resilient to failure. See: https://learn.microsoft.com/azure/reliability/availability-zones-overview

    This list will be used by Cluster API to try and spread the machines across the failure domains.

    ready
    bool
    (Optional)

    Ready is true when the provider resource is ready.

    conditions
    sigs.k8s.io/cluster-api/api/v1beta1.Conditions
    (Optional)

    Conditions defines current service state of the AzureCluster.

    longRunningOperationStates
    Futures
    (Optional)

    LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the next reconciliation loop.

    AzureClusterTemplate

    AzureClusterTemplate is the Schema for the azureclustertemplates API.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    AzureClusterTemplateSpec


    template
    AzureClusterTemplateResource

    AzureClusterTemplateResource

    (Appears on:AzureClusterTemplateSpec)

    AzureClusterTemplateResource describes the data needed to create an AzureCluster from a template.

    Field Description
    spec
    AzureClusterTemplateResourceSpec


    AzureClusterClassSpec
    AzureClusterClassSpec

    (Members of AzureClusterClassSpec are embedded into this type.)

    networkSpec
    NetworkTemplateSpec
    (Optional)

    NetworkSpec encapsulates all things related to Azure network.

    bastionSpec
    BastionTemplateSpec
    (Optional)

    BastionSpec encapsulates all things related to the Bastions in the cluster.

    AzureClusterTemplateResourceSpec

    (Appears on:AzureClusterTemplateResource)

    AzureClusterTemplateResourceSpec specifies an Azure cluster template resource.

    Field Description
    AzureClusterClassSpec
    AzureClusterClassSpec

    (Members of AzureClusterClassSpec are embedded into this type.)

    networkSpec
    NetworkTemplateSpec
    (Optional)

    NetworkSpec encapsulates all things related to Azure network.

    bastionSpec
    BastionTemplateSpec
    (Optional)

    BastionSpec encapsulates all things related to the Bastions in the cluster.

    AzureClusterTemplateSpec

    (Appears on:AzureClusterTemplate)

    AzureClusterTemplateSpec defines the desired state of AzureClusterTemplate.

    Field Description
    template
    AzureClusterTemplateResource

    AzureComputeGalleryImage

    (Appears on:Image)

    AzureComputeGalleryImage defines an image in the Azure Compute Gallery to use for VM creation.

    Field Description
    gallery
    string

    Gallery specifies the name of the compute image gallery that contains the image

    name
    string

    Name is the name of the image

    version
    string

    Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or ‘latest’. Major, Minor, and Build are decimal numbers. Specify ‘latest’ to use the latest version of an image available at deploy time. Even if you use ‘latest’, the VM image will not automatically update after deploy time even if a new version becomes available.

    subscriptionID
    string
    (Optional)

    SubscriptionID is the identifier of the subscription that contains the private compute gallery.

    resourceGroup
    string
    (Optional)

    ResourceGroup specifies the resource group containing the private compute gallery.

    plan
    ImagePlan
    (Optional)

    Plan contains plan information.

    AzureKeyVaultKms

    (Appears on:ManagedClusterSecurityProfile)

    AzureKeyVaultKms service settings for the security profile. See also AKS doc.

    Field Description
    enabled
    bool

    Enabled enables the Azure Key Vault key management service. The default is false.

    keyID
    string

    KeyID defines the Identifier of Azure Key Vault key. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier.

    keyVaultNetworkAccess
    KeyVaultNetworkAccessTypes
    (Optional)

    KeyVaultNetworkAccess defines the network access of key vault. The possible values are Public and Private. Public means the key vault allows public access from all networks. Private means the key vault disables public access and enables private link. The default value is Public.

    keyVaultResourceID
    string
    (Optional)

    KeyVaultResourceID is the Resource ID of key vault. When keyVaultNetworkAccess is Private, this field is required and must be a valid resource ID.

    AzureMachine

    AzureMachine is the Schema for the azuremachines API.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    AzureMachineSpec


    providerID
    string
    (Optional)

    ProviderID is the unique identifier as specified by the cloud provider.

    vmSize
    string
    failureDomain
    string
    (Optional)

    FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. This relates to an Azure Availability Zone

    image
    Image
    (Optional)

    Image is used to provide details of an image to use during VM creation. If image details are omitted the image will default to the Azure Marketplace “capi” offer, which is based on Ubuntu.

    identity
    VMIdentity
    (Optional)

    Identity is the type of identity used for the virtual machine. The type ‘SystemAssigned’ is an implicitly created identity. The generated identity will be assigned a Subscription contributor role. The type ‘UserAssigned’ is a standalone Azure resource provided by the user and assigned to the VM.

    userAssignedIdentities
    []UserAssignedIdentity
    (Optional)

    UserAssignedIdentities is a list of standalone Azure identities provided by the user. The lifecycle of a user-assigned identity is managed separately from the lifecycle of the AzureMachine. See https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-cli

    systemAssignedIdentityRole
    SystemAssignedIdentityRole
    (Optional)

    SystemAssignedIdentityRole defines the role and scope to assign to the system-assigned identity.

    roleAssignmentName
    string
    (Optional)

    Deprecated: RoleAssignmentName should be set in the systemAssignedIdentityRole field.

    osDisk
    OSDisk

    OSDisk specifies the parameters for the operating system disk of the machine

    dataDisks
    []DataDisk
    (Optional)

    DataDisk specifies the parameters that are used to add one or more data disks to the machine

    sshPublicKey
    string
    (Optional)

    SSHPublicKey is the SSH public key string, base64-encoded to add to a Virtual Machine. Linux only. Refer to documentation on how to set up SSH access on Windows instances.

    additionalTags
    Tags
    (Optional)

    AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the Azure provider. If both the AzureCluster and the AzureMachine specify the same tag name with different values, the AzureMachine’s value takes precedence.

    additionalCapabilities
    AdditionalCapabilities
    (Optional)

    AdditionalCapabilities specifies additional capabilities enabled or disabled on the virtual machine.

    allocatePublicIP
    bool
    (Optional)

    AllocatePublicIP allows the ability to create dynamic public ips for machines where this value is true.

    enableIPForwarding
    bool
    (Optional)

    EnableIPForwarding enables IP Forwarding in Azure which is required for some CNIs to send traffic from pods on one machine to another. This is required for IPv6 with Calico in combination with User Defined Routes (set by the Azure Cloud Controller manager). Default is false for disabled.

    acceleratedNetworking
    bool
    (Optional)

    Deprecated: AcceleratedNetworking should be set in the networkInterfaces field.

    diagnostics
    Diagnostics
    (Optional)

    Diagnostics specifies the diagnostics settings for a virtual machine. If not specified then Boot diagnostics (Managed) will be enabled.

    spotVMOptions
    SpotVMOptions
    (Optional)

    SpotVMOptions allows the ability to specify the Machine should use a Spot VM

    securityProfile
    SecurityProfile
    (Optional)

    SecurityProfile specifies the Security profile settings for a virtual machine.

    subnetName
    string
    (Optional)

    Deprecated: SubnetName should be set in the networkInterfaces field.

    dnsServers
    []string
    (Optional)

    DNSServers adds a list of DNS Server IP addresses to the VM NICs.

    disableExtensionOperations
    bool
    (Optional)

    DisableExtensionOperations specifies whether extension operations should be disabled on the virtual machine. Use this setting only if VMExtensions are not supported by your image, as it disables CAPZ bootstrapping extension used for detecting Kubernetes bootstrap failure. This may only be set to True when no extensions are configured on the virtual machine.

    vmExtensions
    []VMExtension
    (Optional)

    VMExtensions specifies a list of extensions to be added to the virtual machine.

    networkInterfaces
    []NetworkInterface
    (Optional)

    NetworkInterfaces specifies a list of network interface configurations. If left unspecified, the VM will get a single network interface with a single IPConfig in the subnet specified in the cluster’s node subnet field. The primary interface will be the first networkInterface specified (index 0) in the list.

    capacityReservationGroupID
    string
    (Optional)

    CapacityReservationGroupID specifies the capacity reservation group resource id that should be used for allocating the virtual machine. The field size should be greater than 0 and the field input must start with ‘/’. The input for capacityReservationGroupID must be similar to ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/capacityReservationGroups/{capacityReservationGroupName}’. The keys which are used should be among ‘subscriptions’, ‘providers’ and ‘resourcegroups’ followed by valid ID or names respectively. It is optional but may not be changed once set.

    status
    AzureMachineStatus

    AzureMachineSpec

    (Appears on:AzureMachine, AzureMachineTemplateResource)

    AzureMachineSpec defines the desired state of AzureMachine.

    Field Description
    providerID
    string
    (Optional)

    ProviderID is the unique identifier as specified by the cloud provider.

    vmSize
    string
    failureDomain
    string
    (Optional)

    FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. This relates to an Azure Availability Zone

    image
    Image
    (Optional)

    Image is used to provide details of an image to use during VM creation. If image details are omitted the image will default to the Azure Marketplace “capi” offer, which is based on Ubuntu.

    identity
    VMIdentity
    (Optional)

    Identity is the type of identity used for the virtual machine. The type ‘SystemAssigned’ is an implicitly created identity. The generated identity will be assigned a Subscription contributor role. The type ‘UserAssigned’ is a standalone Azure resource provided by the user and assigned to the VM.

    userAssignedIdentities
    []UserAssignedIdentity
    (Optional)

    UserAssignedIdentities is a list of standalone Azure identities provided by the user. The lifecycle of a user-assigned identity is managed separately from the lifecycle of the AzureMachine. See https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-cli

    systemAssignedIdentityRole
    SystemAssignedIdentityRole
    (Optional)

    SystemAssignedIdentityRole defines the role and scope to assign to the system-assigned identity.

    roleAssignmentName
    string
    (Optional)

    Deprecated: RoleAssignmentName should be set in the systemAssignedIdentityRole field.

    osDisk
    OSDisk

    OSDisk specifies the parameters for the operating system disk of the machine

    dataDisks
    []DataDisk
    (Optional)

    DataDisk specifies the parameters that are used to add one or more data disks to the machine

    sshPublicKey
    string
    (Optional)

    SSHPublicKey is the SSH public key string, base64-encoded to add to a Virtual Machine. Linux only. Refer to documentation on how to set up SSH access on Windows instances.

    additionalTags
    Tags
    (Optional)

    AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the Azure provider. If both the AzureCluster and the AzureMachine specify the same tag name with different values, the AzureMachine’s value takes precedence.

    additionalCapabilities
    AdditionalCapabilities
    (Optional)

    AdditionalCapabilities specifies additional capabilities enabled or disabled on the virtual machine.

    allocatePublicIP
    bool
    (Optional)

    AllocatePublicIP allows the ability to create dynamic public ips for machines where this value is true.

    enableIPForwarding
    bool
    (Optional)

    EnableIPForwarding enables IP Forwarding in Azure which is required for some CNIs to send traffic from pods on one machine to another. This is required for IPv6 with Calico in combination with User Defined Routes (set by the Azure Cloud Controller manager). Default is false for disabled.

    acceleratedNetworking
    bool
    (Optional)

    Deprecated: AcceleratedNetworking should be set in the networkInterfaces field.

    diagnostics
    Diagnostics
    (Optional)

    Diagnostics specifies the diagnostics settings for a virtual machine. If not specified then Boot diagnostics (Managed) will be enabled.

    spotVMOptions
    SpotVMOptions
    (Optional)

    SpotVMOptions allows specifying that the Machine should use a Spot VM.

    securityProfile
    SecurityProfile
    (Optional)

    SecurityProfile specifies the Security profile settings for a virtual machine.

    subnetName
    string
    (Optional)

    Deprecated: SubnetName should be set in the networkInterfaces field.

    dnsServers
    []string
    (Optional)

    DNSServers adds a list of DNS Server IP addresses to the VM NICs.

    disableExtensionOperations
    bool
    (Optional)

    DisableExtensionOperations specifies whether extension operations should be disabled on the virtual machine. Use this setting only if VMExtensions are not supported by your image, as it disables CAPZ bootstrapping extension used for detecting Kubernetes bootstrap failure. This may only be set to True when no extensions are configured on the virtual machine.

    vmExtensions
    []VMExtension
    (Optional)

    VMExtensions specifies a list of extensions to be added to the virtual machine.

    networkInterfaces
    []NetworkInterface
    (Optional)

    NetworkInterfaces specifies a list of network interface configurations. If left unspecified, the VM will get a single network interface with a single IPConfig in the subnet specified in the cluster’s node subnet field. The primary interface will be the first networkInterface specified (index 0) in the list.

    capacityReservationGroupID
    string
    (Optional)

    CapacityReservationGroupID specifies the capacity reservation group resource id that should be used for allocating the virtual machine. The field size should be greater than 0 and the field input must start with ‘/’. The input for capacityReservationGroupID must be similar to ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/capacityReservationGroups/{capacityReservationGroupName}’. The keys which are used should be among ‘subscriptions’, ‘providers’ and ‘resourcegroups’ followed by valid ID or names respectively. It is optional but may not be changed once set.

    AzureMachineStatus

    (Appears on:AzureMachine)

    AzureMachineStatus defines the observed state of AzureMachine.

    Field Description
    ready
    bool
    (Optional)

    Ready is true when the provider resource is ready.

    addresses
    []Kubernetes core/v1.NodeAddress
    (Optional)

    Addresses contains the Azure instance associated addresses.

    vmState
    ProvisioningState
    (Optional)

    VMState is the provisioning state of the Azure virtual machine.

    failureReason
    sigs.k8s.io/cluster-api/errors.MachineStatusError
    (Optional)

    ErrorReason will be set in the event that there is a terminal problem reconciling the Machine and will contain a succinct value suitable for machine interpretation.

    This field should not be set for transient errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

    Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller’s output.

    failureMessage
    string
    (Optional)

    ErrorMessage will be set in the event that there is a terminal problem reconciling the Machine and will contain a more verbose string suitable for logging and human consumption.

    This field should not be set for transient errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine’s spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured.

    Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller’s output.

    conditions
    sigs.k8s.io/cluster-api/api/v1beta1.Conditions
    (Optional)

    Conditions defines current service state of the AzureMachine.

    longRunningOperationStates
    Futures
    (Optional)

    LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the next reconciliation loop.

    AzureMachineTemplate

    AzureMachineTemplate is the Schema for the azuremachinetemplates API.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    AzureMachineTemplateSpec


    template
    AzureMachineTemplateResource

    AzureMachineTemplateResource

    (Appears on:AzureMachineTemplateSpec)

    AzureMachineTemplateResource describes the data needed to create an AzureMachine from a template.

    Field Description
    metadata
    sigs.k8s.io/cluster-api/api/v1beta1.ObjectMeta
    (Optional) Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    AzureMachineSpec

    Spec is the specification of the desired behavior of the machine.



    providerID
    string
    (Optional)

    ProviderID is the unique identifier as specified by the cloud provider.

    vmSize
    string
    failureDomain
    string
    (Optional)

    FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. This relates to an Azure Availability Zone

    image
    Image
    (Optional)

    Image is used to provide details of an image to use during VM creation. If image details are omitted, the image will default to the Azure Marketplace “capi” offer, which is based on Ubuntu.

    identity
    VMIdentity
    (Optional)

    Identity is the type of identity used for the virtual machine. The type ‘SystemAssigned’ is an implicitly created identity. The generated identity will be assigned a Subscription contributor role. The type ‘UserAssigned’ is a standalone Azure resource provided by the user and assigned to the VM

    userAssignedIdentities
    []UserAssignedIdentity
    (Optional)

    UserAssignedIdentities is a list of standalone Azure identities provided by the user. The lifecycle of a user-assigned identity is managed separately from the lifecycle of the AzureMachine. See https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-cli

    systemAssignedIdentityRole
    SystemAssignedIdentityRole
    (Optional)

    SystemAssignedIdentityRole defines the role and scope to assign to the system-assigned identity.

    roleAssignmentName
    string
    (Optional)

    Deprecated: RoleAssignmentName should be set in the systemAssignedIdentityRole field.

    osDisk
    OSDisk

    OSDisk specifies the parameters for the operating system disk of the machine

    dataDisks
    []DataDisk
    (Optional)

    DataDisk specifies the parameters that are used to add one or more data disks to the machine

    sshPublicKey
    string
    (Optional)

    SSHPublicKey is the base64-encoded SSH public key string to add to a Virtual Machine. Linux only. Refer to documentation on how to set up SSH access on Windows instances.

    additionalTags
    Tags
    (Optional)

    AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the Azure provider. If both the AzureCluster and the AzureMachine specify the same tag name with different values, the AzureMachine’s value takes precedence.

    additionalCapabilities
    AdditionalCapabilities
    (Optional)

    AdditionalCapabilities specifies additional capabilities enabled or disabled on the virtual machine.

    allocatePublicIP
    bool
    (Optional)

    AllocatePublicIP enables the creation of dynamic public IPs for machines where this value is true.

    enableIPForwarding
    bool
    (Optional)

    EnableIPForwarding enables IP Forwarding in Azure, which is required for some CNIs to send traffic from pods on one machine to another. This is required for IPv6 with Calico in combination with User Defined Routes (set by the Azure Cloud Controller manager). Default is false (disabled).

    acceleratedNetworking
    bool
    (Optional)

    Deprecated: AcceleratedNetworking should be set in the networkInterfaces field.

    diagnostics
    Diagnostics
    (Optional)

    Diagnostics specifies the diagnostics settings for a virtual machine. If not specified then Boot diagnostics (Managed) will be enabled.

    spotVMOptions
    SpotVMOptions
    (Optional)

    SpotVMOptions allows specifying that the Machine should use a Spot VM.

    securityProfile
    SecurityProfile
    (Optional)

    SecurityProfile specifies the Security profile settings for a virtual machine.

    subnetName
    string
    (Optional)

    Deprecated: SubnetName should be set in the networkInterfaces field.

    dnsServers
    []string
    (Optional)

    DNSServers adds a list of DNS Server IP addresses to the VM NICs.

    disableExtensionOperations
    bool
    (Optional)

    DisableExtensionOperations specifies whether extension operations should be disabled on the virtual machine. Use this setting only if VMExtensions are not supported by your image, as it disables CAPZ bootstrapping extension used for detecting Kubernetes bootstrap failure. This may only be set to True when no extensions are configured on the virtual machine.

    vmExtensions
    []VMExtension
    (Optional)

    VMExtensions specifies a list of extensions to be added to the virtual machine.

    networkInterfaces
    []NetworkInterface
    (Optional)

    NetworkInterfaces specifies a list of network interface configurations. If left unspecified, the VM will get a single network interface with a single IPConfig in the subnet specified in the cluster’s node subnet field. The primary interface will be the first networkInterface specified (index 0) in the list.

    capacityReservationGroupID
    string
    (Optional)

    CapacityReservationGroupID specifies the capacity reservation group resource id that should be used for allocating the virtual machine. The field size should be greater than 0 and the field input must start with ‘/’. The input for capacityReservationGroupID must be similar to ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/capacityReservationGroups/{capacityReservationGroupName}’. The keys which are used should be among ‘subscriptions’, ‘providers’ and ‘resourcegroups’ followed by valid ID or names respectively. It is optional but may not be changed once set.

    AzureMachineTemplateSpec

    (Appears on:AzureMachineTemplate)

    AzureMachineTemplateSpec defines the desired state of AzureMachineTemplate.

    Field Description
    template
    AzureMachineTemplateResource

    AzureManagedCluster

    AzureManagedCluster is the Schema for the azuremanagedclusters API.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    AzureManagedClusterSpec


    controlPlaneEndpoint
    sigs.k8s.io/cluster-api/api/v1beta1.APIEndpoint
    (Optional)

    ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. Immutable, populated by the AKS API at create. Because this field is programmatically set by CAPZ after resource creation, we define it as +optional in the API schema to permit resource admission.

    status
    AzureManagedClusterStatus

    AzureManagedClusterSpec

    (Appears on:AzureManagedCluster)

    AzureManagedClusterSpec defines the desired state of AzureManagedCluster.

    Field Description
    controlPlaneEndpoint
    sigs.k8s.io/cluster-api/api/v1beta1.APIEndpoint
    (Optional)

    ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. Immutable, populated by the AKS API at create. Because this field is programmatically set by CAPZ after resource creation, we define it as +optional in the API schema to permit resource admission.

    AzureManagedClusterStatus

    (Appears on:AzureManagedCluster)

    AzureManagedClusterStatus defines the observed state of AzureManagedCluster.

    Field Description
    ready
    bool
    (Optional)

    Ready is true when the provider resource is ready.

    AzureManagedClusterTemplate

    AzureManagedClusterTemplate is the Schema for the AzureManagedClusterTemplates API.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    AzureManagedClusterTemplateSpec


    template
    AzureManagedClusterTemplateResource

    AzureManagedClusterTemplateResource

    (Appears on:AzureManagedClusterTemplateSpec)

    AzureManagedClusterTemplateResource describes the data needed to create an AzureManagedCluster from a template.

    Field Description
    spec
    AzureManagedClusterTemplateResourceSpec


    AzureManagedClusterTemplateResourceSpec

    (Appears on:AzureManagedClusterTemplateResource)

    AzureManagedClusterTemplateResourceSpec specifies an Azure managed cluster template resource.

    AzureManagedClusterTemplateSpec

    (Appears on:AzureManagedClusterTemplate)

    AzureManagedClusterTemplateSpec defines the desired state of AzureManagedClusterTemplate.

    Field Description
    template
    AzureManagedClusterTemplateResource

    AzureManagedControlPlane

    AzureManagedControlPlane is the Schema for the azuremanagedcontrolplanes API.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    AzureManagedControlPlaneSpec


    AzureManagedControlPlaneClassSpec
    AzureManagedControlPlaneClassSpec

    (Members of AzureManagedControlPlaneClassSpec are embedded into this type.)

    nodeResourceGroupName
    string
    (Optional)

    NodeResourceGroupName is the name of the resource group containing cluster IaaS resources. Will be populated to default in webhook. Immutable.

    controlPlaneEndpoint
    sigs.k8s.io/cluster-api/api/v1beta1.APIEndpoint
    (Optional)

    ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. Immutable, populated by the AKS API at create.

    sshPublicKey
    string
    (Optional)

    SSHPublicKey is a string literal containing an ssh public key base64 encoded. Use empty string to autogenerate new key. Use null value to not set key. Immutable.

    dnsPrefix
    string
    (Optional)

    DNSPrefix allows the user to customize dns prefix. Immutable.

    fleetsMember
    FleetsMember
    (Optional)

    FleetsMember is the spec for the fleet this cluster is a member of. See also AKS doc.

    status
    AzureManagedControlPlaneStatus

    AzureManagedControlPlaneClassSpec

    (Appears on:AzureManagedControlPlaneSpec, AzureManagedControlPlaneTemplateResourceSpec)

    AzureManagedControlPlaneClassSpec defines the AzureManagedControlPlane properties that may be shared across several azure managed control planes.

    Field Description
    machineTemplate
    AzureManagedControlPlaneTemplateMachineTemplate
    (Optional)

    MachineTemplate contains information about how machines should be shaped when creating or updating a control plane. For the AzureManagedControlPlaneTemplate, this field is used only to fulfill the CAPI contract.

    resourceGroupName
    string

    ResourceGroupName is the name of the Azure resource group for this AKS Cluster. Immutable.

    version
    string

    Version defines the desired Kubernetes version.

    virtualNetwork
    ManagedControlPlaneVirtualNetwork
    (Optional)

    VirtualNetwork describes the virtual network for the AKS cluster. It will be created if it does not already exist.

    subscriptionID
    string
    (Optional)

    SubscriptionID is the GUID of the Azure subscription that owns this cluster.

    location
    string

    Location is a string matching one of the canonical Azure region names. Examples: “westus2”, “eastus”.

    additionalTags
    Tags
    (Optional)

    AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the ones added by default.

    networkPlugin
    string
    (Optional)

    NetworkPlugin used for building Kubernetes network.

    networkPluginMode
    NetworkPluginMode
    (Optional)

    NetworkPluginMode is the mode the network plugin should use. Allowed value is “overlay”.

    networkPolicy
    string
    (Optional)

    NetworkPolicy used for building Kubernetes network.

    networkDataplane
    NetworkDataplaneType
    (Optional)

    NetworkDataplane is the dataplane used for building the Kubernetes network.

    outboundType
    ManagedControlPlaneOutboundType
    (Optional)

    Outbound configuration used by Nodes.

    dnsServiceIP
    string
    (Optional)

    DNSServiceIP is an IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr. Immutable.

    loadBalancerSKU
    string
    (Optional)

    LoadBalancerSKU is the SKU of the loadBalancer to be provisioned. Immutable.

    identityRef
    Kubernetes core/v1.ObjectReference

    IdentityRef is a reference to an AzureClusterIdentity to be used when reconciling this cluster.

    aadProfile
    AADProfile
    (Optional)

    AadProfile is the Azure Active Directory configuration to integrate with AKS for AAD authentication.

    addonProfiles
    []AddonProfile
    (Optional)

    AddonProfiles are the profiles of managed cluster add-on.

    sku
    AKSSku
    (Optional)

    SKU is the SKU of the AKS to be provisioned.

    loadBalancerProfile
    LoadBalancerProfile
    (Optional)

    LoadBalancerProfile is the profile of the cluster load balancer.

    apiServerAccessProfile
    APIServerAccessProfile
    (Optional)

    APIServerAccessProfile is the access profile for AKS API server. Immutable except for authorizedIPRanges.

    autoscalerProfile
    AutoScalerProfile
    (Optional)

    AutoscalerProfile is the parameters to be applied to the cluster-autoscaler when enabled

    azureEnvironment
    string
    (Optional)

    AzureEnvironment is the name of the AzureCloud to be used. The default value that would be used by most users is “AzurePublicCloud”, other values are:
    - ChinaCloud: “AzureChinaCloud”
    - PublicCloud: “AzurePublicCloud”
    - USGovernmentCloud: “AzureUSGovernmentCloud”

    Note that values other than the default must also be accompanied by corresponding changes to the aso-controller-settings Secret to configure ASO to refer to the non-Public cloud. ASO currently does not support referring to multiple different clouds in a single installation. The following fields must be defined in the Secret:
    - AZURE_AUTHORITY_HOST
    - AZURE_RESOURCE_MANAGER_ENDPOINT
    - AZURE_RESOURCE_MANAGER_AUDIENCE

    See the ASO docs for more details.

    identity
    Identity
    (Optional)

    Identity configuration used by the AKS control plane.

    kubeletUserAssignedIdentity
    string
    (Optional)

    KubeletUserAssignedIdentity is the user-assigned identity for kubelet. For authentication with Azure Container Registry.

    httpProxyConfig
    HTTPProxyConfig
    (Optional)

    HTTPProxyConfig is the HTTP proxy configuration for the cluster. Immutable.

    oidcIssuerProfile
    OIDCIssuerProfile
    (Optional)

    OIDCIssuerProfile is the OIDC issuer profile of the Managed Cluster.

    disableLocalAccounts
    bool
    (Optional)

    DisableLocalAccounts disables getting static credentials for this cluster when set. Expected to only be used for AAD clusters.

    fleetsMember
    FleetsMemberClassSpec
    (Optional)

    FleetsMember is the spec for the fleet this cluster is a member of. See also AKS doc.

    extensions
    []AKSExtension
    (Optional)

    Extensions is a list of AKS extensions to be installed on the cluster.

    autoUpgradeProfile
    ManagedClusterAutoUpgradeProfile
    (Optional)

    AutoUpgradeProfile defines the auto upgrade configuration.

    securityProfile
    ManagedClusterSecurityProfile
    (Optional)

    SecurityProfile defines the security profile for cluster.

    asoManagedClusterPatches
    []string
    (Optional)

    ASOManagedClusterPatches defines JSON merge patches to be applied to the generated ASO ManagedCluster resource. WARNING: This is meant to be used sparingly to enable features for development and testing that are not otherwise represented in the CAPZ API. Misconfiguration that conflicts with CAPZ’s normal mode of operation is possible.

    enablePreviewFeatures
    bool
    (Optional)

    EnablePreviewFeatures enables preview features for the cluster.

    AzureManagedControlPlaneSkuTier (string alias)

    (Appears on:AKSSku)

    AzureManagedControlPlaneSkuTier - Tier of a managed cluster SKU.

    Value Description

    "Free"

    FreeManagedControlPlaneTier is the free tier of AKS without corresponding SLAs.

    "Paid"

    PaidManagedControlPlaneTier is the paid tier of AKS with corresponding SLAs. Deprecated. It has been replaced with StandardManagedControlPlaneTier.

    "Standard"

    StandardManagedControlPlaneTier is the standard tier of AKS with corresponding SLAs.

    AzureManagedControlPlaneSpec

    (Appears on:AzureManagedControlPlane)

    AzureManagedControlPlaneSpec defines the desired state of AzureManagedControlPlane.

    Field Description
    AzureManagedControlPlaneClassSpec
    AzureManagedControlPlaneClassSpec

    (Members of AzureManagedControlPlaneClassSpec are embedded into this type.)

    nodeResourceGroupName
    string
    (Optional)

    NodeResourceGroupName is the name of the resource group containing cluster IaaS resources. Will be populated to default in webhook. Immutable.

    controlPlaneEndpoint
    sigs.k8s.io/cluster-api/api/v1beta1.APIEndpoint
    (Optional)

    ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. Immutable, populated by the AKS API at create.

    sshPublicKey
    string
    (Optional)

    SSHPublicKey is a string literal containing an ssh public key base64 encoded. Use empty string to autogenerate new key. Use null value to not set key. Immutable.

    dnsPrefix
    string
    (Optional)

    DNSPrefix allows the user to customize dns prefix. Immutable.

    fleetsMember
    FleetsMember
    (Optional)

    FleetsMember is the spec for the fleet this cluster is a member of. See also AKS doc.

    AzureManagedControlPlaneStatus

    (Appears on:AzureManagedControlPlane)

    AzureManagedControlPlaneStatus defines the observed state of AzureManagedControlPlane.

    Field Description
    autoUpgradeVersion
    string
    (Optional)

    AutoUpgradeVersion is the Kubernetes version populated after auto-upgrade based on the upgrade channel.

    ready
    bool
    (Optional)

    Ready is true when the provider resource is ready.

    initialized
    bool
    (Optional)

    Initialized is true when the control plane is available for initial contact. This may occur before the control plane is fully ready. In the AzureManagedControlPlane implementation, these are identical.

    conditions
    sigs.k8s.io/cluster-api/api/v1beta1.Conditions
    (Optional)

    Conditions defines current service state of the AzureManagedControlPlane.

    longRunningOperationStates
    Futures
    (Optional)

    LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the next reconciliation loop.

    oidcIssuerProfile
    OIDCIssuerProfileStatus
    (Optional)

    OIDCIssuerProfile is the OIDC issuer profile of the Managed Cluster.

    version
    string
    (Optional)

    Version defines the Kubernetes version for the control plane instance.

    AzureManagedControlPlaneTemplate

    AzureManagedControlPlaneTemplate is the Schema for the AzureManagedControlPlaneTemplates API.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    AzureManagedControlPlaneTemplateSpec


    template
    AzureManagedControlPlaneTemplateResource

    AzureManagedControlPlaneTemplateMachineTemplate

    (Appears on:AzureManagedControlPlaneClassSpec)

    AzureManagedControlPlaneTemplateMachineTemplate is only used to fulfill the CAPI contract which expects a MachineTemplate field for any controlplane ref in a topology.

    AzureManagedControlPlaneTemplateResource

    (Appears on:AzureManagedControlPlaneTemplateSpec)

    AzureManagedControlPlaneTemplateResource describes the data needed to create an AzureManagedCluster from a template.

    Field Description
    spec
    AzureManagedControlPlaneTemplateResourceSpec


    AzureManagedControlPlaneClassSpec
    AzureManagedControlPlaneClassSpec

    (Members of AzureManagedControlPlaneClassSpec are embedded into this type.)

    AzureManagedControlPlaneTemplateResourceSpec

    (Appears on:AzureManagedControlPlaneTemplateResource)

    AzureManagedControlPlaneTemplateResourceSpec specifies an Azure managed control plane template resource.

    Field Description
    AzureManagedControlPlaneClassSpec
    AzureManagedControlPlaneClassSpec

    (Members of AzureManagedControlPlaneClassSpec are embedded into this type.)

    AzureManagedControlPlaneTemplateSpec

    (Appears on:AzureManagedControlPlaneTemplate)

    AzureManagedControlPlaneTemplateSpec defines the desired state of AzureManagedControlPlaneTemplate.

    Field Description
    template
    AzureManagedControlPlaneTemplateResource

    AzureManagedMachinePool

    AzureManagedMachinePool is the Schema for the azuremanagedmachinepools API.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    AzureManagedMachinePoolSpec


    AzureManagedMachinePoolClassSpec
    AzureManagedMachinePoolClassSpec

    (Members of AzureManagedMachinePoolClassSpec are embedded into this type.)

    providerIDList
    []string
    (Optional)

    ProviderIDList is the unique identifier as specified by the cloud provider.

    status
    AzureManagedMachinePoolStatus

    AzureManagedMachinePoolClassSpec

    (Appears on:AzureManagedMachinePoolSpec, AzureManagedMachinePoolTemplateResourceSpec)

    AzureManagedMachinePoolClassSpec defines the AzureManagedMachinePool properties that may be shared across several Azure managed machinepools.

    Field Description
    additionalTags
    Tags
    (Optional)

    AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the ones added by default.

    name
    string
    (Optional)

    Name is the name of the agent pool. If not specified, CAPZ uses the name of the CR as the agent pool name. Immutable.

    mode
    string

    Mode represents the mode of an agent pool. Possible values include: System, User.

    sku
    string

    SKU is the size of the VMs in the node pool. Immutable.

    osDiskSizeGB
    int
    (Optional)

    OSDiskSizeGB is the disk size for every machine in this agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified. Immutable.

    availabilityZones
    []string
    (Optional)

    AvailabilityZones - Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType. Immutable.

    nodeLabels
    map[string]string
    (Optional)

    Node labels represent the labels for all of the nodes present in node pool. See also AKS doc.

    taints
    Taints
    (Optional)

    Taints specifies the taints for nodes present in this agent pool. See also AKS doc.

    scaling
    ManagedMachinePoolScaling
    (Optional)

    Scaling specifies the autoscaling parameters for the node pool.

    maxPods
    int
    (Optional)

    MaxPods specifies the kubelet --max-pods configuration for the node pool. Immutable. See also AKS doc, K8s doc.

    osDiskType
    string
    (Optional)

    OsDiskType specifies the OS disk type for each node in the pool. Allowed values are ‘Ephemeral’ and ‘Managed’ (default). Immutable. See also AKS doc.

    enableUltraSSD
    bool
    (Optional)

    EnableUltraSSD enables the storage type UltraSSD_LRS for the agent pool. Immutable.

    osType
    string
    (Optional)

    OSType specifies the virtual machine operating system. Default to Linux. Possible values include: ‘Linux’, ‘Windows’. ‘Windows’ requires the AzureManagedControlPlane’s spec.networkPlugin to be azure. Immutable. See also AKS doc.

    enableNodePublicIP
    bool
    (Optional)

    EnableNodePublicIP controls whether or not nodes in the pool each have a public IP address. Immutable.

    nodePublicIPPrefixID
    string
    (Optional)

    NodePublicIPPrefixID specifies the public IP prefix resource ID which VM nodes should use IPs from. Immutable.

    scaleSetPriority
    string
    (Optional)

    ScaleSetPriority specifies the ScaleSetPriority value. Defaults to Regular. Possible values include: ‘Regular’, ‘Spot’. Immutable.

    scaleDownMode
    string
    (Optional)

    ScaleDownMode affects the cluster autoscaler behavior. Default to Delete. Possible values include: ‘Deallocate’, ‘Delete’

    spotMaxPrice
    k8s.io/apimachinery/pkg/api/resource.Quantity
    (Optional)

    SpotMaxPrice defines the max price to pay for a spot instance. Possible values are any decimal value greater than zero or -1. If you set the max price to be -1, the VM won’t be evicted based on price. The price for the VM will be the current price for spot or the price for a standard VM, whichever is less, as long as there’s capacity and quota available.

    kubeletConfig
    KubeletConfig
    (Optional)

    KubeletConfig specifies the kubelet configurations for nodes. Immutable.

    kubeletDiskType
    KubeletDiskType
    (Optional)

    KubeletDiskType specifies the kubelet disk type. Default to OS. Possible values include: ‘OS’, ‘Temporary’. Requires Microsoft.ContainerService/KubeletDisk preview feature to be set. Immutable. See also AKS doc.

    linuxOSConfig
    LinuxOSConfig
    (Optional)

    LinuxOSConfig specifies the custom Linux OS settings and configurations. Immutable.

    subnetName
    string
    (Optional)

    SubnetName specifies the Subnet where the MachinePool will be placed. Immutable.

    enableFIPS
    bool
    (Optional)

    EnableFIPS indicates whether FIPS is enabled on the node pool. Immutable.

    enableEncryptionAtHost
    bool
    (Optional)

    EnableEncryptionAtHost indicates whether host encryption is enabled on the node pool. Immutable. See also AKS doc.

    asoManagedClustersAgentPoolPatches
    []string
    (Optional)

    ASOManagedClustersAgentPoolPatches defines JSON merge patches to be applied to the generated ASO ManagedClustersAgentPool resource. WARNING: This is meant to be used sparingly to enable features for development and testing that are not otherwise represented in the CAPZ API. Misconfiguration that conflicts with CAPZ’s normal mode of operation is possible.

    AzureManagedMachinePoolSpec

    (Appears on:AzureManagedMachinePool)

    AzureManagedMachinePoolSpec defines the desired state of AzureManagedMachinePool.

    Field Description
    AzureManagedMachinePoolClassSpec
    AzureManagedMachinePoolClassSpec

    (Members of AzureManagedMachinePoolClassSpec are embedded into this type.)

    providerIDList
    []string
    (Optional)

    ProviderIDList is the unique identifier as specified by the cloud provider.

    AzureManagedMachinePoolStatus

    (Appears on:AzureManagedMachinePool)

    AzureManagedMachinePoolStatus defines the observed state of AzureManagedMachinePool.

    Field Description
    ready
    bool
    (Optional)

    Ready is true when the provider resource is ready.

    replicas
    int32
    (Optional)

    Replicas is the most recently observed number of replicas.

    errorReason
    sigs.k8s.io/cluster-api/errors.MachineStatusError
    (Optional)

    Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller’s output.

    errorMessage
    string
    (Optional)

    Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller’s output.

    conditions
    sigs.k8s.io/cluster-api/api/v1beta1.Conditions
    (Optional)

    Conditions defines current service state of the AzureManagedControlPlane.

    longRunningOperationStates
    Futures
    (Optional)

    LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the next reconciliation loop.

    AzureManagedMachinePoolTemplate

    AzureManagedMachinePoolTemplate is the Schema for the AzureManagedMachinePoolTemplates API.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    AzureManagedMachinePoolTemplateSpec


    template
    AzureManagedMachinePoolTemplateResource

    AzureManagedMachinePoolTemplateResource

    (Appears on:AzureManagedMachinePoolTemplateSpec)

    AzureManagedMachinePoolTemplateResource describes the data needed to create an AzureManagedCluster from a template.

    Field Description
    spec
    AzureManagedMachinePoolTemplateResourceSpec


    AzureManagedMachinePoolClassSpec
    AzureManagedMachinePoolClassSpec

    (Members of AzureManagedMachinePoolClassSpec are embedded into this type.)

    AzureManagedMachinePoolTemplateResourceSpec

    (Appears on:AzureManagedMachinePoolTemplateResource)

    AzureManagedMachinePoolTemplateResourceSpec specifies an Azure managed control plane template resource.

    Field Description
    AzureManagedMachinePoolClassSpec
    AzureManagedMachinePoolClassSpec

    (Members of AzureManagedMachinePoolClassSpec are embedded into this type.)

    AzureManagedMachinePoolTemplateSpec

    (Appears on:AzureManagedMachinePoolTemplate)

    AzureManagedMachinePoolTemplateSpec defines the desired state of AzureManagedMachinePoolTemplate.

    Field Description
    template
    AzureManagedMachinePoolTemplateResource

    AzureMarketplaceImage

    (Appears on:Image)

    AzureMarketplaceImage defines an image in the Azure Marketplace to use for VM creation.

    Field Description
    ImagePlan
    ImagePlan

    (Members of ImagePlan are embedded into this type.)

    version
    string

    Version specifies the version of an image sku. The allowed formats are Major.Minor.Build or ‘latest’. Major, Minor, and Build are decimal numbers. Specify ‘latest’ to use the latest version of an image available at deploy time. Even if you use ‘latest’, the VM image will not automatically update after deploy time even if a new version becomes available.

    thirdPartyImage
    bool
    (Optional)

    ThirdPartyImage indicates the image is published by a third party publisher and a Plan will be generated for it.

    AzureSharedGalleryImage

    (Appears on:Image)

    AzureSharedGalleryImage defines an image in a Shared Image Gallery to use for VM creation.

    Field Description
    subscriptionID
    string

    SubscriptionID is the identifier of the subscription that contains the shared image gallery

    resourceGroup
    string

    ResourceGroup specifies the resource group containing the shared image gallery

    gallery
    string

    Gallery specifies the name of the shared image gallery that contains the image

    name
    string

    Name is the name of the image

    version
    string

    Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or ‘latest’. Major, Minor, and Build are decimal numbers. Specify ‘latest’ to use the latest version of an image available at deploy time. Even if you use ‘latest’, the VM image will not automatically update after deploy time even if a new version becomes available.

    publisher
    string
    (Optional)

    Publisher is the name of the organization that created the image. This value will be used to add a Plan in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the Plan to be used.

    offer
    string
    (Optional)

    Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer. This value will be used to add a Plan in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the Plan to be used.

    sku
    string
    (Optional)

    SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter. This value will be used to add a Plan in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the Plan to be used.

    BackOffConfig

    (Appears on:CloudProviderConfigOverrides)

    BackOffConfig indicates the back-off config options.

    Field Description
    cloudProviderBackoff
    bool
    (Optional)
    cloudProviderBackoffRetries
    int
    (Optional)
    cloudProviderBackoffExponent
    k8s.io/apimachinery/pkg/api/resource.Quantity
    (Optional)
    cloudProviderBackoffDuration
    int
    (Optional)
    cloudProviderBackoffJitter
    k8s.io/apimachinery/pkg/api/resource.Quantity
    (Optional)

    BackendPool

    (Appears on:LoadBalancerSpec)

    BackendPool describes the backend pool of the load balancer.

    Field Description
    name
    string
    (Optional)

    Name specifies the name of backend pool for the load balancer. If not specified, the default name will be set, depending on the load balancer role.

    BalanceSimilarNodeGroups (string alias)

    (Appears on:AutoScalerProfile)

    BalanceSimilarNodeGroups enumerates the values for BalanceSimilarNodeGroups.

    Value Description

    "false"

    BalanceSimilarNodeGroupsFalse …

    "true"

    BalanceSimilarNodeGroupsTrue …

    BastionHostSkuName (string alias)

    (Appears on:AzureBastion)

    BastionHostSkuName is the name of the SKU used to specify the tier of Azure Bastion Host.

    Value Description

    "Basic"

    BasicBastionHostSku SKU for the Azure Bastion Host.

    "Standard"

    StandardBastionHostSku SKU for the Azure Bastion Host.

    BastionSpec

    (Appears on:AzureClusterSpec)

    BastionSpec specifies how the Bastion feature should be set up for the cluster.

    Field Description
    azureBastion
    AzureBastion
    (Optional)

    BastionTemplateSpec

    (Appears on:AzureClusterTemplateResourceSpec)

    BastionTemplateSpec specifies a template for a bastion host.

    Field Description
    azureBastion
    AzureBastionTemplateSpec
    (Optional)

    BootDiagnostics

    (Appears on:Diagnostics)

    BootDiagnostics configures the boot diagnostics settings for the virtual machine. This allows you to configure capturing serial output from the virtual machine on boot. This is useful for debugging software based launch issues.

    Field Description
    storageAccountType
    BootDiagnosticsStorageAccountType

    StorageAccountType determines if the storage account for storing the diagnostics data should be disabled (Disabled), provisioned by Azure (Managed) or by the user (UserManaged).

    userManaged
    UserManagedBootDiagnostics
    (Optional)

    UserManaged provides a reference to the user-managed storage account.

    BootDiagnosticsStorageAccountType (string alias)

    (Appears on:BootDiagnostics)

    BootDiagnosticsStorageAccountType defines the list of valid storage account types for the boot diagnostics.

    Value Description

    "Disabled"

    DisabledDiagnosticsStorage is used to determine that the diagnostics storage account should be disabled.

    "Managed"

    ManagedDiagnosticsStorage is used to determine that the diagnostics storage account should be provisioned by Azure.

    "UserManaged"

    UserManagedDiagnosticsStorage is used to determine that the diagnostics storage account should be provisioned by the User.

    BuildParams

    BuildParams is used to build tags around an azure resource.

    Field Description
    Lifecycle
    ResourceLifecycle

    Lifecycle determines the resource lifecycle.

    ClusterName
    string

    ClusterName is the cluster associated with the resource.

    ResourceID
    string

    ResourceID is the unique identifier of the resource to be tagged.

    Name
    string
    (Optional)

    Name is the name of the resource, it’s applied as the tag “Name” on Azure.

    Role
    string
    (Optional)

    Role is the role associated to the resource.

    Additional
    Tags
    (Optional)

    Any additional tags to be added to the resource.

    CPUManagerPolicy (string alias)

    (Appears on:KubeletConfig)

    CPUManagerPolicy enumerates the values for KubeletConfig.CPUManagerPolicy.

    Value Description

    "none"

    CPUManagerPolicyNone …

    "static"

    CPUManagerPolicyStatic …

    CloudProviderConfigOverrides

    (Appears on:AzureClusterClassSpec)

    CloudProviderConfigOverrides represents the fields that can be overridden in azure cloud provider config.

    Field Description
    rateLimits
    []RateLimitSpec
    (Optional)
    backOffs
    BackOffConfig
    (Optional)

    DataDisk

    (Appears on:AzureMachineSpec)

    DataDisk specifies the parameters that are used to add one or more data disks to the machine.

    Field Description
    nameSuffix
    string

    NameSuffix is the suffix to be appended to the machine name to generate the disk name. Each disk name will be in format <machineName>_<nameSuffix>.

    diskSizeGB
    int32

    DiskSizeGB is the size in GB to assign to the data disk.

    managedDisk
    ManagedDiskParameters
    (Optional)

    ManagedDisk specifies the Managed Disk parameters for the data disk.

    lun
    int32
    (Optional)

    Lun specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM. The value must be between 0 and 63.

    cachingType
    string
    (Optional)

    CachingType specifies the caching requirements.

    Diagnostics

    (Appears on:AzureMachineSpec)

    Diagnostics is used to configure the diagnostic settings of the virtual machine.

    Field Description
    boot
    BootDiagnostics
    (Optional)

    Boot configures the boot diagnostics settings for the virtual machine. This allows you to configure capturing serial output from the virtual machine on boot. This is useful for debugging software based launch issues. If not specified then Boot diagnostics (Managed) will be enabled.

    DiffDiskPlacement (string alias)

    (Appears on:DiffDiskSettings)

    DiffDiskPlacement - Specifies the ephemeral disk placement for operating system disk. This property can be used by user in the request to choose the location, i.e., cache disk, resource disk or nvme disk space, for Ephemeral OS disk provisioning. For more information on Ephemeral OS disk size requirements, please refer to Ephemeral OS disk size requirements for Windows VM at https://docs.microsoft.com/azure/virtual-machines/windows/ephemeral-os-disks#size-requirements and Linux VM at https://docs.microsoft.com/azure/virtual-machines/linux/ephemeral-os-disks#size-requirements.

    Value Description

    "CacheDisk"

    DiffDiskPlacementCacheDisk places the OsDisk on cache disk.

    "NvmeDisk"

    DiffDiskPlacementNvmeDisk places the OsDisk on NVMe disk.

    "ResourceDisk"

    DiffDiskPlacementResourceDisk places the OsDisk on temp disk.

    DiffDiskSettings

    (Appears on:OSDisk)

    DiffDiskSettings describe ephemeral disk settings for the os disk.

    Field Description
    option
    string

    Option enables ephemeral OS when set to “Local”. See https://learn.microsoft.com/azure/virtual-machines/ephemeral-os-disks for full details.

    placement
    DiffDiskPlacement
    (Optional)

    Placement specifies the ephemeral disk placement for operating system disk. If placement is specified, Option must be set to “Local”.

    DiskEncryptionSetParameters

    (Appears on:ManagedDiskParameters, VMDiskSecurityProfile)

    DiskEncryptionSetParameters defines disk encryption options.

    Field Description
    id
    string
    (Optional)

    ID defines resourceID for diskEncryptionSet resource. It must be in the same subscription

    Expander (string alias)

    (Appears on:AutoScalerProfile)

    Expander enumerates the values for Expander.

    Value Description

    "least-waste"

    ExpanderLeastWaste …

    "most-pods"

    ExpanderMostPods …

    "priority"

    ExpanderPriority …

    "random"

    ExpanderRandom …

    ExtendedLocationSpec

    (Appears on:AzureClusterClassSpec)

    ExtendedLocationSpec defines the ExtendedLocation properties to enable CAPZ for Azure public MEC.

    Field Description
    name
    string

    Name defines the name for the extended location.

    type
    string

    Type defines the type for the extended location.

    ExtensionIdentity (string alias)

    (Appears on:AKSExtension)

    ExtensionIdentity defines the identity of the AKS marketplace extension, if configured.

    Value Description

    "SystemAssigned"

    ExtensionIdentitySystemAssigned …

    ExtensionPlan

    (Appears on:AKSExtension)

    ExtensionPlan represents the plan for an AKS marketplace extension.

    Field Description
    name
    string
    (Optional)

    Name is the user-defined name of the 3rd Party Artifact that is being procured.

    product
    string
    (Optional)

    Product is the name of the 3rd Party artifact that is being procured.

    promotionCode
    string
    (Optional)

    PromotionCode is a publisher-provided promotion code as provisioned in Data Market for the said product/artifact.

    publisher
    string
    (Optional)

    Publisher is the name of the publisher of the 3rd Party Artifact that is being bought.

    version
    string
    (Optional)

    Version is the version of the plan.

    ExtensionScope

    (Appears on:AKSExtension)

    ExtensionScope defines the scope of the AKS marketplace extension, if configured.

    Field Description
    scopeType
    ExtensionScopeType

    ScopeType is the scope of the extension. It can be either Cluster or Namespace, but not both.

    releaseNamespace
    string
    (Optional)

    ReleaseNamespace is the namespace where the extension Release must be placed, for a Cluster-scoped extension. Required for Cluster-scoped extensions.

    targetNamespace
    string
    (Optional)

    TargetNamespace is the namespace where the extension will be created for a Namespace-scoped extension. Required for Namespace-scoped extensions.

    ExtensionScopeType (string alias)

    (Appears on:ExtensionScope)

    ExtensionScopeType defines the scope type of the AKS marketplace extension, if configured.

    Value Description

    "Cluster"

    ExtensionScopeCluster …

    "Namespace"

    ExtensionScopeNamespace …

    FleetsMember

    (Appears on:AzureManagedControlPlaneSpec)

    FleetsMember defines the fleets member configuration. See also AKS doc.

    Field Description
    name
    string
    (Optional)

    Name is the name of the member.

    FleetsMemberClassSpec
    FleetsMemberClassSpec

    (Members of FleetsMemberClassSpec are embedded into this type.)

    FleetsMemberClassSpec

    (Appears on:AzureManagedControlPlaneClassSpec, FleetsMember)

    FleetsMemberClassSpec defines the FleetsMemberSpec properties that may be shared across several Azure clusters.

    Field Description
    group
    string
    (Optional)

    Group is the group this member belongs to for multi-cluster update management.

    managerName
    string

    ManagerName is the name of the fleet manager.

    managerResourceGroup
    string

    ManagerResourceGroup is the resource group of the fleet manager.

    FrontendIP

    (Appears on:LoadBalancerSpec)

    FrontendIP defines a load balancer frontend IP configuration.

    Field Description
    name
    string
    publicIP
    PublicIPSpec
    (Optional)
    FrontendIPClass
    FrontendIPClass

    (Members of FrontendIPClass are embedded into this type.)

    FrontendIPClass

    (Appears on:FrontendIP)

    FrontendIPClass defines the FrontendIP properties that may be shared across several Azure clusters.

    Field Description
    privateIP
    string
    (Optional)

    Future

    Future contains the data needed for an Azure long-running operation to continue across reconcile loops.

    Field Description
    type
    string

    Type describes the type of future, such as update, create, delete, etc.

    resourceGroup
    string
    (Optional)

    ResourceGroup is the Azure resource group for the resource.

    serviceName
    string

    ServiceName is the name of the Azure service. Together with the name of the resource, this forms the unique identifier for the future.

    name
    string

    Name is the name of the Azure resource. Together with the service name, this forms the unique identifier for the future.

    data
    string

    Data is the base64 url encoded json Azure AutoRest Future.

    Futures ([]./api/v1beta1.Future alias)

    (Appears on:AzureClusterStatus, AzureMachineStatus, AzureManagedControlPlaneStatus, AzureManagedMachinePoolStatus)

    Futures is a slice of Future.

    HTTPProxyConfig

    (Appears on:AzureManagedControlPlaneClassSpec)

    HTTPProxyConfig is the HTTP proxy configuration for the cluster.

    Field Description
    httpProxy
    string
    (Optional)

    HTTPProxy is the HTTP proxy server endpoint to use.

    httpsProxy
    string
    (Optional)

    HTTPSProxy is the HTTPS proxy server endpoint to use.

    noProxy
    []string
    (Optional)

    NoProxy indicates the endpoints that should not go through proxy.

    trustedCa
    string
    (Optional)

    TrustedCA is the alternative CA cert to use for connecting to proxy servers.

    IPTag

    (Appears on:PublicIPSpec)

    IPTag contains the IpTag associated with the object.

    Field Description
    type
    string

    Type specifies the IP tag type. Example: FirstPartyUsage.

    tag
    string

    Tag specifies the value of the IP tag associated with the public IP. Example: SQL.

    Identity

    (Appears on:AzureManagedControlPlaneClassSpec)

    Identity represents the Identity configuration for an AKS control plane. See also AKS doc.

    Field Description
    type
    ManagedControlPlaneIdentityType
    (Optional)

    Type - The Identity type to use.

    userAssignedIdentityResourceID
    string
    (Optional)

    UserAssignedIdentityResourceID - Identity ARM resource ID when using user-assigned identity.

    IdentityType (string alias)

    (Appears on:AzureClusterIdentitySpec)

    IdentityType represents different types of identities.

    Value Description

    "ManualServicePrincipal"

    ManualServicePrincipal represents a manual service principal.

    "ServicePrincipal"

    ServicePrincipal represents a service principal using a client password as secret.

    "ServicePrincipalCertificate"

    ServicePrincipalCertificate represents a service principal using a certificate as secret.

    "UserAssignedMSI"

    UserAssignedMSI represents a user-assigned managed identity.

    "WorkloadIdentity"

    WorkloadIdentity represents a WorkloadIdentity.

    Image

    (Appears on:AzureMachineSpec)

    Image defines information about the image to use for VM creation. There are three ways to specify an image: by ID, Marketplace Image or SharedImageGallery. One of ID, SharedImage or Marketplace should be set.

    Field Description
    id
    string
    (Optional)

    ID specifies an image to use by ID

    sharedGallery
    AzureSharedGalleryImage
    (Optional)

    SharedGallery specifies an image to use from an Azure Shared Image Gallery. Deprecated: use ComputeGallery instead.

    marketplace
    AzureMarketplaceImage
    (Optional)

    Marketplace specifies an image to use from the Azure Marketplace

    computeGallery
    AzureComputeGalleryImage
    (Optional)

    ComputeGallery specifies an image to use from the Azure Compute Gallery

    ImagePlan

    (Appears on:AzureComputeGalleryImage, AzureMarketplaceImage)

    ImagePlan contains plan information for marketplace images.

    Field Description
    publisher
    string

    Publisher is the name of the organization that created the image

    offer
    string

    Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer

    sku
    string

    SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter

    KeyVaultNetworkAccessTypes (string alias)

    (Appears on:AzureKeyVaultKms)

    KeyVaultNetworkAccessTypes defines the types of network access of key vault. The possible values are Public and Private. The default value is Public.

    Value Description

    "Private"

    KeyVaultNetworkAccessTypesPrivate means the key vault disables public access and enables private link.

    "Public"

    KeyVaultNetworkAccessTypesPublic means the key vault allows public access from all networks.

    KubeletConfig

    (Appears on:AzureManagedMachinePoolClassSpec)

    KubeletConfig defines the supported subset of kubelet configurations for nodes in pools. See also AKS doc, K8s doc.

    Field Description
    cpuManagerPolicy
    CPUManagerPolicy
    (Optional)

    CPUManagerPolicy - CPU Manager policy to use.

    cpuCfsQuota
    bool
    (Optional)

    CPUCfsQuota - Enable CPU CFS quota enforcement for containers that specify CPU limits.

    cpuCfsQuotaPeriod
    string
    (Optional)

    CPUCfsQuotaPeriod - Sets CPU CFS quota period value. Must end in “ms”, e.g. “100ms”

    imageGcHighThreshold
    int
    (Optional)

    ImageGcHighThreshold - The percent of disk usage after which image garbage collection is always run. Valid values are 0-100 (inclusive).

    imageGcLowThreshold
    int
    (Optional)

    ImageGcLowThreshold - The percent of disk usage before which image garbage collection is never run. Valid values are 0-100 (inclusive) and must be less than imageGcHighThreshold.

    topologyManagerPolicy
    TopologyManagerPolicy
    (Optional)

    TopologyManagerPolicy - Topology Manager policy to use.

    allowedUnsafeSysctls
    []string
    (Optional)

    AllowedUnsafeSysctls - Allowlist of unsafe sysctls or unsafe sysctl patterns (ending in *). Valid values match kernel.shm*, kernel.msg*, kernel.sem, fs.mqueue.*, or net.*.

    failSwapOn
    bool
    (Optional)

    FailSwapOn - If set to true it will make the Kubelet fail to start if swap is enabled on the node.

    containerLogMaxSizeMB
    int
    (Optional)

    ContainerLogMaxSizeMB - The maximum size in MB of a container log file before it is rotated.

    containerLogMaxFiles
    int
    (Optional)

    ContainerLogMaxFiles - The maximum number of container log files that can be present for a container. The number must be ≥ 2.

    podMaxPids
    int
    (Optional)

    PodMaxPids - The maximum number of processes per pod. Must not exceed kernel PID limit. -1 disables the limit.
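
    A pre-apply lint for the KubeletConfig constraints listed above, as an added example that is not CAPZ code. The KubeletConfigLint struct and the function names are hypothetical, and the sysctl matching is one interpretation of the patterns the page lists.

```go
package main

import (
	"fmt"
	"strings"
)

// KubeletConfigLint is a hypothetical, trimmed mirror of the KubeletConfig
// fields documented above. It is not the CAPZ Go type.
type KubeletConfigLint struct {
	CPUCfsQuotaPeriod    *string
	ImageGcHighThreshold *int
	ImageGcLowThreshold  *int
	AllowedUnsafeSysctls []string
	ContainerLogMaxFiles *int
}

// Prefix families taken from the page: kernel.shm*, kernel.msg*, fs.mqueue.*, net.*
var allowedSysctlPrefixes = []string{"kernel.shm", "kernel.msg", "fs.mqueue.", "net."}

// sysctlAllowed reports whether one allowlist entry stays inside the documented
// families. Assumption: a '*' is accepted only as the final character, and an
// entry must carry at least one character after the family prefix.
func sysctlAllowed(entry string) bool {
	if entry == "kernel.sem" {
		return true
	}
	if i := strings.Index(entry, "*"); i != -1 && i != len(entry)-1 {
		return false
	}
	for _, p := range allowedSysctlPrefixes {
		if strings.HasPrefix(entry, p) && len(entry) > len(p) {
			return true
		}
	}
	return false
}

// LintKubeletConfig returns one finding per violated constraint, in a stable order.
func LintKubeletConfig(c KubeletConfigLint) []string {
	var findings []string
	if c.CPUCfsQuotaPeriod != nil && !strings.HasSuffix(*c.CPUCfsQuotaPeriod, "ms") {
		findings = append(findings, fmt.Sprintf("cpuCfsQuotaPeriod %q must end in \"ms\"", *c.CPUCfsQuotaPeriod))
	}
	percent := func(name string, v *int) {
		if v != nil && (*v < 0 || *v > 100) {
			findings = append(findings, fmt.Sprintf("%s %d is outside 0-100", name, *v))
		}
	}
	percent("imageGcHighThreshold", c.ImageGcHighThreshold)
	percent("imageGcLowThreshold", c.ImageGcLowThreshold)
	if c.ImageGcHighThreshold != nil && c.ImageGcLowThreshold != nil &&
		*c.ImageGcLowThreshold >= *c.ImageGcHighThreshold {
		findings = append(findings, "imageGcLowThreshold must be less than imageGcHighThreshold")
	}
	for _, s := range c.AllowedUnsafeSysctls {
		if !sysctlAllowed(s) {
			findings = append(findings, fmt.Sprintf("allowedUnsafeSysctls entry %q is outside the permitted families", s))
		}
	}
	if c.ContainerLogMaxFiles != nil && *c.ContainerLogMaxFiles < 2 {
		findings = append(findings, fmt.Sprintf("containerLogMaxFiles %d must be at least 2", *c.ContainerLogMaxFiles))
	}
	return findings
}

func main() {
	// Constructed sample input with several deliberate violations.
	hi, lo, files, period := 80, 85, 1, "100"
	cfg := KubeletConfigLint{
		CPUCfsQuotaPeriod:    &period,
		ImageGcHighThreshold: &hi,
		ImageGcLowThreshold:  &lo,
		AllowedUnsafeSysctls: []string{"net.ipv4.*", "kernel.*", "kernel.sem", "net.*.forwarding"},
		ContainerLogMaxFiles: &files,
	}
	for _, f := range LintKubeletConfig(cfg) {
		fmt.Println("finding:", f)
	}
}
```

    Because KubeletConfig is immutable on the node pool, a check like this is most useful in CI before the manifest is first applied.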

    KubeletDiskType (string alias)

    (Appears on:AzureManagedMachinePoolClassSpec)

    KubeletDiskType enumerates the values for the agent pool’s KubeletDiskType.

    Value Description

    "OS"

    KubeletDiskTypeOS …

    "Temporary"

    KubeletDiskTypeTemporary …

    LBType (string alias)

    (Appears on:LoadBalancerClassSpec)

    LBType defines an Azure load balancer Type.

    Value Description

    "Internal"

    Internal is the value for the Azure load balancer internal type.

    "Public"

    Public is the value for the Azure load balancer public type.

    LinuxOSConfig

    (Appears on:AzureManagedMachinePoolClassSpec)

    LinuxOSConfig specifies the custom Linux OS settings and configurations. See also AKS doc.

    Field Description
    swapFileSizeMB
    int
    (Optional)

    SwapFileSizeMB specifies the size in MB of a swap file that will be created on the agent nodes from this node pool. Max value of SwapFileSizeMB should be the size of temporary disk (/dev/sdb). Must be at least 1. See also AKS doc.

    sysctls
    SysctlConfig
    (Optional)

    Sysctl specifies the settings for Linux agent nodes.

    transparentHugePageDefrag
    TransparentHugePageOption
    (Optional)

    TransparentHugePageDefrag specifies whether the kernel should make aggressive use of memory compaction to make more hugepages available. See also the Linux doc at https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge for more details.

    transparentHugePageEnabled
    TransparentHugePageOption
    (Optional)

    TransparentHugePageEnabled specifies various modes of Transparent Hugepages. See also the Linux doc at https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge for more details.

    LoadBalancerClassSpec

    (Appears on:LoadBalancerSpec, NetworkTemplateSpec)

    LoadBalancerClassSpec defines the LoadBalancerSpec properties that may be shared across several Azure clusters.

    Field Description
    sku
    SKU
    (Optional)
    type
    LBType
    (Optional)
    idleTimeoutInMinutes
    int32
    (Optional)

    IdleTimeoutInMinutes specifies the timeout for the TCP idle connection.

    LoadBalancerProfile

    (Appears on:AzureManagedControlPlaneClassSpec)

    LoadBalancerProfile - Profile of the cluster load balancer. At most one of managedOutboundIPs, outboundIPPrefixes, or outboundIPs may be specified. See also AKS doc.

    Field Description
    managedOutboundIPs
    int
    (Optional)

    ManagedOutboundIPs - Desired managed outbound IPs for the cluster load balancer.

    outboundIPPrefixes
    []string
    (Optional)

    OutboundIPPrefixes - Desired outbound IP Prefix resources for the cluster load balancer.

    outboundIPs
    []string
    (Optional)

    OutboundIPs - Desired outbound IP resources for the cluster load balancer.

    allocatedOutboundPorts
    int
    (Optional)

    AllocatedOutboundPorts - Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.

    idleTimeoutInMinutes
    int
    (Optional)

    IdleTimeoutInMinutes - Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.

    LoadBalancerSpec

    (Appears on:NetworkSpec)

    LoadBalancerSpec defines an Azure load balancer.

    Field Description
    id
    string
    (Optional)

    ID is the Azure resource ID of the load balancer. READ-ONLY

    name
    string
    (Optional)
    frontendIPs
    []FrontendIP
    (Optional)
    frontendIPsCount
    int32
    (Optional)

    FrontendIPsCount specifies the number of frontend IP addresses for the load balancer.

    backendPool
    BackendPool
    (Optional)

    BackendPool describes the backend pool of the load balancer.

    LoadBalancerClassSpec
    LoadBalancerClassSpec

    (Members of LoadBalancerClassSpec are embedded into this type.)

    ManagedClusterAutoUpgradeProfile

    (Appears on:AzureManagedControlPlaneClassSpec)

    ManagedClusterAutoUpgradeProfile defines the auto upgrade profile for a managed cluster.

    Field Description
    upgradeChannel
    UpgradeChannel
    (Optional)

    UpgradeChannel determines the type of upgrade channel for automatically upgrading the cluster.

    ManagedClusterSecurityProfile

    (Appears on:AzureManagedControlPlaneClassSpec)

    ManagedClusterSecurityProfile defines the security profile for the cluster.

    Field Description
    azureKeyVaultKms
    AzureKeyVaultKms
    (Optional)

    AzureKeyVaultKms defines Azure Key Vault Management Services Profile for the security profile.

    defender
    ManagedClusterSecurityProfileDefender
    (Optional)

    Defender settings for the security profile.

    imageCleaner
    ManagedClusterSecurityProfileImageCleaner
    (Optional)

    ImageCleaner settings for the security profile.

    workloadIdentity
    ManagedClusterSecurityProfileWorkloadIdentity
    (Optional)

    WorkloadIdentity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. Be sure to enable the OIDC issuer when enabling Workload Identity.

    ManagedClusterSecurityProfileDefender

    (Appears on:ManagedClusterSecurityProfile)

    ManagedClusterSecurityProfileDefender defines Microsoft Defender settings for the security profile. See also AKS doc.

    Field Description
    logAnalyticsWorkspaceResourceID
    string

    LogAnalyticsWorkspaceResourceID is the ID of the Log Analytics workspace that has to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID.

    securityMonitoring
    ManagedClusterSecurityProfileDefenderSecurityMonitoring

    SecurityMonitoring profile defines the Microsoft Defender threat detection for Cloud settings for the security profile.

    ManagedClusterSecurityProfileDefenderSecurityMonitoring

    (Appears on:ManagedClusterSecurityProfileDefender)

    ManagedClusterSecurityProfileDefenderSecurityMonitoring settings for the security profile threat detection.

    Field Description
    enabled
    bool

    Enabled enables Defender threat detection

    ManagedClusterSecurityProfileImageCleaner

    (Appears on:ManagedClusterSecurityProfile)

    ManagedClusterSecurityProfileImageCleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. See also AKS doc.

    Field Description
    enabled
    bool

    Enabled enables the Image Cleaner on AKS cluster.

    intervalHours
    int
    (Optional)

    IntervalHours defines Image Cleaner scanning interval in hours. Default value is 24 hours.

    ManagedClusterSecurityProfileWorkloadIdentity

    (Appears on:ManagedClusterSecurityProfile)

    ManagedClusterSecurityProfileWorkloadIdentity settings for the security profile. See also AKS doc.

    Field Description
    enabled
    bool

    Enabled enables the workload identity.

    ManagedControlPlaneIdentityType (string alias)

    (Appears on:Identity)

    ManagedControlPlaneIdentityType enumerates the values for managed control plane identity type.

    Value Description

    "SystemAssigned"

    ManagedControlPlaneIdentityTypeSystemAssigned Use an implicitly created system-assigned managed identity to manage cluster resources. Components in the control plane such as kube-controller-manager will use the system-assigned managed identity to manipulate Azure resources.

    "UserAssigned"

    ManagedControlPlaneIdentityTypeUserAssigned Use a user-assigned identity to manage cluster resources. Components in the control plane such as kube-controller-manager will use the specified user-assigned managed identity to manipulate Azure resources.

    ManagedControlPlaneOutboundType (string alias)

    (Appears on:AzureManagedControlPlaneClassSpec)

    ManagedControlPlaneOutboundType enumerates the values for the managed control plane OutboundType.

    Value Description

    "loadBalancer"

    ManagedControlPlaneOutboundTypeLoadBalancer …

    "managedNATGateway"

    ManagedControlPlaneOutboundTypeManagedNATGateway …

    "userAssignedNATGateway"

    ManagedControlPlaneOutboundTypeUserAssignedNATGateway …

    "userDefinedRouting"

    ManagedControlPlaneOutboundTypeUserDefinedRouting …

    ManagedControlPlaneSubnet

    (Appears on:ManagedControlPlaneVirtualNetworkClassSpec)

    ManagedControlPlaneSubnet describes a subnet for an AKS cluster.

    Field Description
    name
    string
    cidrBlock
    string
    serviceEndpoints
    ServiceEndpoints
    (Optional)

    ServiceEndpoints is a slice of Virtual Network service endpoints to enable for the subnets.

    privateEndpoints
    PrivateEndpoints
    (Optional)

    PrivateEndpoints is a slice of Virtual Network private endpoints to create for the subnets.

    ManagedControlPlaneVirtualNetwork

    (Appears on:AzureManagedControlPlaneClassSpec)

    ManagedControlPlaneVirtualNetwork describes a virtual network required to provision AKS clusters.

    Field Description
    resourceGroup
    string
    (Optional)

    ResourceGroup is the name of the Azure resource group for the VNet and Subnet.

    name
    string

    Name is the name of the virtual network.

    ManagedControlPlaneVirtualNetworkClassSpec
    ManagedControlPlaneVirtualNetworkClassSpec

    (Members of ManagedControlPlaneVirtualNetworkClassSpec are embedded into this type.)

    ManagedControlPlaneVirtualNetworkClassSpec

    (Appears on:ManagedControlPlaneVirtualNetwork)

    ManagedControlPlaneVirtualNetworkClassSpec defines the ManagedControlPlaneVirtualNetwork properties that may be shared across several managed control plane vnets.

    Field Description
    cidrBlock
    string
    subnet
    ManagedControlPlaneSubnet
    (Optional)

    ManagedDiskParameters

    (Appears on:DataDisk, OSDisk)

    ManagedDiskParameters defines the parameters of a managed disk.

    Field Description
    storageAccountType
    string
    (Optional)
    diskEncryptionSet
    DiskEncryptionSetParameters
    (Optional)

    DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk.

    securityProfile
    VMDiskSecurityProfile
    (Optional)

    SecurityProfile specifies the security profile for the managed disk.

    ManagedMachinePoolScaling

    (Appears on:AzureManagedMachinePoolClassSpec)

    ManagedMachinePoolScaling specifies scaling options.

    Field Description
    minSize
    int

    MinSize is the minimum number of nodes for auto-scaling.

    maxSize
    int

    MaxSize is the maximum number of nodes for auto-scaling.

    NatGateway

    (Appears on:SubnetSpec)

    NatGateway defines an Azure NAT gateway. NAT gateway resources are part of Vnet NAT and provide outbound Internet connectivity for subnets of a virtual network.

    Field Description
    id
    string
    (Optional)

    ID is the Azure resource ID of the NAT gateway. READ-ONLY

    ip
    PublicIPSpec
    (Optional)
    NatGatewayClassSpec
    NatGatewayClassSpec

    (Members of NatGatewayClassSpec are embedded into this type.)

    NatGatewayClassSpec

    (Appears on:NatGateway, SubnetTemplateSpec)

    NatGatewayClassSpec defines a NAT gateway class specification.

    Field Description
    name
    string

    NetworkClassSpec

    (Appears on:NetworkSpec, NetworkTemplateSpec)

    NetworkClassSpec defines the NetworkSpec properties that may be shared across several Azure clusters.

    Field Description
    privateDNSZoneName
    string
    (Optional)

    PrivateDNSZoneName defines the zone name for the Azure Private DNS.

    NetworkDataplaneType (string alias)

    (Appears on:AzureManagedControlPlaneClassSpec)

    NetworkDataplaneType is the type of network dataplane to use.

    Value Description

    "azure"

    NetworkDataplaneTypeAzure is the Azure network dataplane type.

    "cilium"

    NetworkDataplaneTypeCilium is the Cilium network dataplane type.

    NetworkInterface

    (Appears on:AzureMachineSpec)

    NetworkInterface defines a network interface.

    Field Description
    subnetName
    string

    SubnetName specifies the subnet in which the new network interface will be placed.

    privateIPConfigs
    int
    (Optional)

    PrivateIPConfigs specifies the number of private IP addresses to attach to the interface. Defaults to 1 if not specified.

    acceleratedNetworking
    bool
    (Optional)

    AcceleratedNetworking enables or disables Azure accelerated networking. If omitted, it will be set based on whether the requested VMSize supports accelerated networking. If AcceleratedNetworking is set to true with a VMSize that does not support it, Azure will return an error.

    NetworkPluginMode (string alias)

    (Appears on:AzureManagedControlPlaneClassSpec)

    NetworkPluginMode is the mode the network plugin should use.

    Value Description

    "overlay"

    NetworkPluginModeOverlay is used with networkPlugin=azure, pods are given IPs from the PodCIDR address space but use Azure Routing Domains rather than Kubenet’s method of route tables. See also AKS doc.

    NetworkSpec

    (Appears on:AzureClusterSpec)

    NetworkSpec specifies what the Azure networking resources should look like.

    Field Description
    vnet
    VnetSpec
    (Optional)

    Vnet is the configuration for the Azure virtual network.

    subnets
    Subnets
    (Optional)

    Subnets is the configuration for the control-plane subnet and the node subnet.

    apiServerLB
    LoadBalancerSpec
    (Optional)

    APIServerLB is the configuration for the control-plane load balancer.

    nodeOutboundLB
    LoadBalancerSpec
    (Optional)

    NodeOutboundLB is the configuration for the node outbound load balancer.

    controlPlaneOutboundLB
    LoadBalancerSpec
    (Optional)

    ControlPlaneOutboundLB is the configuration for the control-plane outbound load balancer. This is different from APIServerLB, and is used only in private clusters (optionally) for enabling outbound traffic.

    NetworkClassSpec
    NetworkClassSpec

    (Members of NetworkClassSpec are embedded into this type.)

    NetworkTemplateSpec

    (Appears on:AzureClusterTemplateResourceSpec)

    NetworkTemplateSpec specifies a network template.

    Field Description
    NetworkClassSpec
    NetworkClassSpec

    (Members of NetworkClassSpec are embedded into this type.)

    vnet
    VnetTemplateSpec
    (Optional)

    Vnet is the configuration for the Azure virtual network.

    subnets
    SubnetTemplatesSpec
    (Optional)

    Subnets is the configuration for the control-plane subnet and the node subnet.

    apiServerLB
    LoadBalancerClassSpec
    (Optional)

    APIServerLB is the configuration for the control-plane load balancer.

    nodeOutboundLB
    LoadBalancerClassSpec
    (Optional)

    NodeOutboundLB is the configuration for the node outbound load balancer.

    controlPlaneOutboundLB
    LoadBalancerClassSpec
    (Optional)

    ControlPlaneOutboundLB is the configuration for the control-plane outbound load balancer. This is different from APIServerLB, and is used only in private clusters (optionally) for enabling outbound traffic.

    NodePoolMode (string alias)

    NodePoolMode enumerates the values for agent pool mode.

    Value Description

    "System"

    NodePoolModeSystem represents mode system for azuremachinepool.

    "User"

    NodePoolModeUser represents mode user for azuremachinepool.

    OIDCIssuerProfile

    (Appears on:AzureManagedControlPlaneClassSpec)

    OIDCIssuerProfile is the OIDC issuer profile of the Managed Cluster. See also AKS doc.

    Field Description
    enabled
    bool
    (Optional)

    Enabled is whether the OIDC issuer is enabled.

    OIDCIssuerProfileStatus

    (Appears on:AzureManagedControlPlaneStatus)

    OIDCIssuerProfileStatus is the OIDC issuer profile of the Managed Cluster.

    Field Description
    issuerURL
    string
    (Optional)

    IssuerURL is the OIDC issuer url of the Managed Cluster.

    OSDisk

    (Appears on:AzureMachineSpec)

    OSDisk defines the operating system disk for a VM.

    WARNING: this requires any updates to ManagedDisk to be manually converted. This is due to the odd issue with conversion-gen where the warning message generated uses a relative directory import rather than the fully qualified import when generating outside of the GOPATH.

    Field Description
    osType
    string
    diskSizeGB
    int32
    (Optional)

    DiskSizeGB is the size in GB to assign to the OS disk. Defaults to 30GB if not provided.

    managedDisk
    ManagedDiskParameters
    (Optional)

    ManagedDisk specifies the Managed Disk parameters for the OS disk.

    diffDiskSettings
    DiffDiskSettings
    (Optional)
    cachingType
    string
    (Optional)

    CachingType specifies the caching requirements.

    OrchestrationModeType (string alias)

    OrchestrationModeType represents the orchestration mode for a Virtual Machine Scale Set backing an AzureMachinePool.

    Value Description

    "Flexible"

    FlexibleOrchestrationMode treats VMs as individual resources accessible by standard VM APIs.

    "Uniform"

    UniformOrchestrationMode treats VMs as identical instances accessible by the VMSS VM API.

    PrivateEndpointSpec

    PrivateEndpointSpec configures an Azure Private Endpoint.

    Field Description
    name
    string

    Name specifies the name of the private endpoint.

    location
    string
    (Optional)

    Location specifies the region to create the private endpoint.

    privateLinkServiceConnections
    []PrivateLinkServiceConnection

    PrivateLinkServiceConnections specifies Private Link Service Connections of the private endpoint.

    customNetworkInterfaceName
    string
    (Optional)

    CustomNetworkInterfaceName specifies the network interface name associated with the private endpoint.

    privateIPAddresses
    []string
    (Optional)

    PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint. They have to be part of the subnet where the private endpoint is linked.

    applicationSecurityGroups
    []string
    (Optional)

    ApplicationSecurityGroups specifies the Application security group in which the private endpoint IP configuration is included.

    manualApproval
    bool
    (Optional)

    ManualApproval specifies whether the connection approval needs to be done manually. Set it to true when the network admin does not have access to approve connections to the remote resource. Defaults to false.

    PrivateEndpoints ([]./api/v1beta1.PrivateEndpointSpec alias)

    (Appears on:ManagedControlPlaneSubnet, SubnetClassSpec)

    PrivateEndpoints is a slice of PrivateEndpointSpec.

    PrivateLinkServiceConnection

    (Appears on:PrivateEndpointSpec)

    PrivateLinkServiceConnection defines the specification for a private link service connection associated with a private endpoint.

    Field Description
    name
    string
    (Optional)

    Name specifies the name of the private link service.

    privateLinkServiceID
    string

    PrivateLinkServiceID specifies the resource ID of the private link service.

    groupIDs
    []string
    (Optional)

    GroupIDs specifies the ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.

    requestMessage
    string
    (Optional)

    RequestMessage specifies a message passed to the owner of the remote resource with the private endpoint connection request.

    ProvisioningState (string alias)

    (Appears on:AzureMachineStatus)

    ProvisioningState describes the provisioning state of an Azure resource.

    Value Description

    "Canceled"

    Canceled represents an action which was initiated but terminated by the user before completion.

    "Creating"

    Creating …

    "Deleted"

    Deleted represents a deleted VM. NOTE: This state is specific to capz, and does not have a corresponding mapping in the Azure API (https://learn.microsoft.com/azure/virtual-machines/states-billing#provisioning-states).

    "Deleting"

    Deleting …

    "Failed"

    Failed …

    "Migrating"

    Migrating …

    "Succeeded"

    Succeeded …

    "Updating"

    Updating …

    PublicIPSpec

    (Appears on:AzureBastion, FrontendIP, NatGateway)

    PublicIPSpec defines the inputs to create an Azure public IP address.

    Field Description
    name
    string
    dnsName
    string
    (Optional)
    ipTags
    []IPTag
    (Optional)

    RateLimitConfig

    (Appears on:RateLimitSpec)

    RateLimitConfig indicates the rate limit config options.

    Field Description
    cloudProviderRateLimit
    bool
    (Optional)
    cloudProviderRateLimitQPS
    k8s.io/apimachinery/pkg/api/resource.Quantity
    (Optional)
    cloudProviderRateLimitBucket
    int
    (Optional)
    cloudProviderRateLimitQPSWrite
    k8s.io/apimachinery/pkg/api/resource.Quantity
    (Optional)
    cloudProviderRateLimitBucketWrite
    int
    (Optional)

    RateLimitSpec

    (Appears on:CloudProviderConfigOverrides)

    RateLimitSpec represents the rate limit configuration for a particular kind of resource. E.g. loadBalancerRateLimit is used to configure rate limits for load balancers. This eventually gets converted to the CloudProviderRateLimitConfig that cloud-provider-azure expects. See: https://github.com/kubernetes-sigs/cloud-provider-azure/blob/d585c2031925b39c925624302f22f8856e29e352/pkg/provider/azure_ratelimit.go#L25. We cannot use CloudProviderRateLimitConfig directly because floating point values are not supported in controller-tools. See: https://github.com/kubernetes-sigs/controller-tools/issues/245

    Field Description
    name
    string

    Name is the name of the rate limit spec.

    config
    RateLimitConfig
    (Optional)

    ResourceLifecycle (string alias)

    (Appears on:BuildParams)

    ResourceLifecycle configures the lifecycle of a resource.

    Value Description

    "owned"

    ResourceLifecycleOwned is the value we use when tagging resources to indicate that the resource is considered owned and managed by the cluster, and in particular that the lifecycle is tied to the lifecycle of the cluster.

    "shared"

    ResourceLifecycleShared is the value we use when tagging resources to indicate that the resource is shared between multiple clusters, and should not be destroyed if the cluster is destroyed.

    RouteTable

    (Appears on:SubnetSpec)

    RouteTable defines an Azure route table.

    Field Description
    id
    string
    (Optional)

    ID is the Azure resource ID of the route table. READ-ONLY

    name
    string

    SKU (string alias)

    (Appears on:LoadBalancerClassSpec)

    SKU defines an Azure load balancer SKU.

    Value Description

    "Standard"

    SKUStandard is the value for the Azure load balancer Standard SKU.

    SecurityEncryptionType (string alias)

    (Appears on:VMDiskSecurityProfile)

    SecurityEncryptionType represents the Encryption Type when the virtual machine is a Confidential VM.

    Value Description

    "DiskWithVMGuestState"

    SecurityEncryptionTypeDiskWithVMGuestState OS disk confidential encryption with a platform-managed key (PMK) or a customer-managed key (CMK).

    "VMGuestStateOnly"

    SecurityEncryptionTypeVMGuestStateOnly disables OS disk confidential encryption.

    SecurityGroup

    (Appears on:SubnetSpec)

    SecurityGroup defines an Azure security group.

    Field Description
    id
    string
    (Optional)

    ID is the Azure resource ID of the security group. READ-ONLY

    name
    string
    SecurityGroupClass
    SecurityGroupClass

    (Members of SecurityGroupClass are embedded into this type.)

    SecurityGroupClass

    (Appears on:SecurityGroup, SubnetTemplateSpec)

    SecurityGroupClass defines the SecurityGroup properties that may be shared across several Azure clusters.

    Field Description
    securityRules
    SecurityRules
    (Optional)
    tags
    Tags
    (Optional)

    SecurityGroupProtocol (string alias)

    (Appears on:SecurityRule)

    SecurityGroupProtocol defines the protocol type for a security group rule.

    Value Description

    "*"

    SecurityGroupProtocolAll is a wildcard for all IP protocols.

    "Icmp"

    SecurityGroupProtocolICMP represents the ICMP protocol.

    "Tcp"

    SecurityGroupProtocolTCP represents the TCP protocol.

    "Udp"

    SecurityGroupProtocolUDP represents the UDP protocol.

    SecurityProfile

    (Appears on:AzureMachineSpec)

    SecurityProfile specifies the Security profile settings for a virtual machine or virtual machine scale set.

    Field Description
    encryptionAtHost
    bool
    (Optional)

    This field indicates whether Host Encryption should be enabled or disabled for a virtual machine or virtual machine scale set. This should be disabled when SecurityEncryptionType is set to DiskWithVMGuestState. Default is disabled.

    securityType
    SecurityTypes
    (Optional)

    SecurityType specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set.

    uefiSettings
    UefiSettings
    (Optional)

    UefiSettings specifies the security settings like secure boot and vTPM used while creating the virtual machine.

    SecurityRule

    SecurityRule defines an Azure security rule for security groups.

    Field Description
    name
    string

    Name is a unique name within the network security group.

    description
    string

    A description for this rule. Restricted to 140 chars.

    protocol
    SecurityGroupProtocol

    Protocol specifies the protocol type. “Tcp”, “Udp”, “Icmp”, or “*”.

    direction
    SecurityRuleDirection

    Direction indicates whether the rule applies to inbound or outbound traffic. “Inbound” or “Outbound”.

    priority
    int32
    (Optional)

    Priority is a number between 100 and 4096. Each rule should have a unique value for priority. Rules are processed in priority order, with lower numbers processed before higher numbers. Once traffic matches a rule, processing stops.

    sourcePorts
    string
    (Optional)

    SourcePorts specifies the source port or range. Integer or range between 0 and 65535. Asterisk ‘*’ can also be used to match all ports.

    destinationPorts
    string
    (Optional)

    DestinationPorts specifies the destination port or range. Integer or range between 0 and 65535. Asterisk ‘*’ can also be used to match all ports.

    source
    string
    (Optional)

    Source specifies the CIDR or source IP range. Asterisk ‘*’ can also be used to match all source IPs. Default tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used. If this is an ingress rule, specifies where network traffic originates from.

    sources
    []string

    Sources specifies the CIDR or source IP ranges.

    destination
    string
    (Optional)

    Destination is the destination address prefix. CIDR or destination IP range. Asterisk ‘*’ can also be used to match all source IPs. Default tags such as ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used.

    action
    SecurityRuleAccess
    (Optional)

    Action specifies whether network traffic is allowed or denied. Can either be “Allow” or “Deny”. Defaults to “Allow”.
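
    An added example (not part of the CAPZ code base or its generated reference) that checks a rule list against the constraints documented for SecurityRule and shows first-match evaluation by priority. The SecurityRule struct is a local stand-in with a subset of the fields; Lint, Decide, action, parsePorts, sourceMatches and sampleRules are hypothetical names, and the sample rules are constructed.

```go
package main

import (
	"fmt"
	"net"
	"sort"
	"strconv"
	"strings"
)

// SecurityRule is a local stand-in with a subset of the documented fields (not the CAPZ type).
type SecurityRule struct {
	Name, Protocol, Direction, DestinationPorts, Source, Action string
	Priority                                                    int32
}

// action applies the documented default: an omitted action means "Allow".
func action(r SecurityRule) string {
	if r.Action == "" {
		return "Allow"
	}
	return r.Action
}

// parsePorts accepts "*", a single port or "low-high", all within 0-65535.
func parsePorts(spec string) (int, int, error) {
	if spec == "*" {
		return 0, 65535, nil
	}
	first, last, isRange := strings.Cut(spec, "-")
	if !isRange {
		last = first
	}
	lo, err1 := strconv.Atoi(first)
	hi, err2 := strconv.Atoi(last)
	if err1 != nil || err2 != nil || lo < 0 || hi > 65535 || lo > hi {
		return 0, 0, fmt.Errorf("invalid port or range %q (want 0-65535)", spec)
	}
	return lo, hi, nil
}

// sourceMatches handles "*" and CIDRs; service tags are not resolved offline and never match here.
func sourceMatches(spec string, ip net.IP) bool {
	_, cidr, err := net.ParseCIDR(spec)
	return spec == "*" || (err == nil && cidr.Contains(ip))
}

// Lint reports violations of the documented constraints and inbound allow-from-anywhere rules.
func Lint(rules []SecurityRule) []string {
	out, seen := []string(nil), map[int32]string{}
	for _, r := range rules {
		add := func(msg string) { out = append(out, r.Name+": "+msg) }
		if r.Priority != 0 { // optional field; 0 means unset in this example
			if r.Priority < 100 || r.Priority > 4096 {
				add(fmt.Sprintf("priority %d outside 100-4096", r.Priority))
			}
			if prev, dup := seen[r.Priority]; dup {
				add(fmt.Sprintf("priority %d already used by %s", r.Priority, prev))
			}
			seen[r.Priority] = r.Name
		}
		if _, _, err := parsePorts(r.DestinationPorts); r.DestinationPorts != "" && err != nil {
			add(err.Error())
		}
		if r.Direction == "Inbound" && action(r) == "Allow" && (r.Source == "*" || r.Source == "Internet") {
			add("inbound allow from any source")
		}
	}
	return out
}

// Decide tries rules in ascending priority; the first match wins. ok is false if none match.
func Decide(rules []SecurityRule, direction, proto string, src net.IP, port int) (name, act string, ok bool) {
	sorted := append([]SecurityRule(nil), rules...)
	sort.SliceStable(sorted, func(i, j int) bool { return sorted[i].Priority < sorted[j].Priority })
	for _, r := range sorted {
		lo, hi, err := parsePorts(r.DestinationPorts)
		if err == nil && r.Direction == direction && lo <= port && port <= hi &&
			(r.Protocol == "*" || r.Protocol == proto) && sourceMatches(r.Source, src) {
			return r.Name, action(r), true
		}
	}
	return "", "", false
}

// sampleRules is constructed input: allow-mgmt (150, action omitted) shadows deny-ssh (200).
func sampleRules() []SecurityRule {
	return []SecurityRule{
		{"deny-ssh", "Tcp", "Inbound", "22", "*", "Deny", 200},
		{"allow-mgmt", "*", "Inbound", "0-1024", "*", "", 150},
		{"allow-api", "Tcp", "Inbound", "6443", "10.0.0.0/16", "Allow", 150},
		{"bad-range", "Udp", "Outbound", "70000", "10.0.0.0/16", "Allow", 5000},
	}
}

func main() {
	fmt.Println(Lint(sampleRules()))
	fmt.Println(Decide(sampleRules(), "Inbound", "Tcp", net.ParseIP("203.0.113.7"), 22))
}
```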

    SecurityRuleAccess (string alias)

    (Appears on:SecurityRule)

    SecurityRuleAccess defines the action type for a security group rule.

    Value Description

    "Allow"

    SecurityRuleActionAllow allows traffic defined in the rule.

    "Deny"

    SecurityRuleActionDeny denies traffic defined in the rule.

    SecurityRuleDirection (string alias)

    (Appears on:SecurityRule)

    SecurityRuleDirection defines the direction type for a security group rule.

    Value Description

    "Inbound"

    SecurityRuleDirectionInbound defines an ingress security rule.

    "Outbound"

    SecurityRuleDirectionOutbound defines an egress security rule.

    SecurityRules ([]./api/v1beta1.SecurityRule alias)

    (Appears on:SecurityGroupClass)

    SecurityRules is a slice of Azure security rules for security groups.

    SecurityTypes (string alias)

    (Appears on:SecurityProfile)

    SecurityTypes represents the SecurityType of the virtual machine.

    Value Description

    "ConfidentialVM"

    SecurityTypesConfidentialVM defines the SecurityType of the virtual machine as a Confidential VM.

    "TrustedLaunch"

    SecurityTypesTrustedLaunch defines the SecurityType of the virtual machine as a Trusted Launch VM.

    ServiceEndpointSpec

    ServiceEndpointSpec configures an Azure Service Endpoint.

    Field Description
    service
    string
    locations
    []string

    ServiceEndpoints ([]./api/v1beta1.ServiceEndpointSpec alias)

    (Appears on:ManagedControlPlaneSubnet, SubnetClassSpec)

    ServiceEndpoints is a slice of string.

    SkipNodesWithLocalStorage (string alias)

    (Appears on:AutoScalerProfile)

    SkipNodesWithLocalStorage enumerates the values for SkipNodesWithLocalStorage.

    Value Description

    "false"

    SkipNodesWithLocalStorageFalse …

    "true"

    SkipNodesWithLocalStorageTrue …

    SkipNodesWithSystemPods (string alias)

    (Appears on:AutoScalerProfile)

    SkipNodesWithSystemPods enumerates the values for SkipNodesWithSystemPods.

    Value Description

    "false"

    SkipNodesWithSystemPodsFalse …

    "true"

    SkipNodesWithSystemPodsTrue …

    SpotEvictionPolicy (string alias)

    (Appears on:SpotVMOptions)

    SpotEvictionPolicy defines the eviction policy for spot VMs, if configured.

    Value Description

    "Deallocate"

    SpotEvictionPolicyDeallocate is the default eviction policy and will deallocate the VM when the node is marked for eviction.

    "Delete"

    SpotEvictionPolicyDelete will delete the VM when the node is marked for eviction.

    SpotVMOptions

    (Appears on:AzureMachineSpec)

    SpotVMOptions defines the options relevant to running the Machine on Spot VMs.

    Field Description
    maxPrice
    k8s.io/apimachinery/pkg/api/resource.Quantity
    (Optional)

    MaxPrice defines the maximum price the user is willing to pay for Spot VM instances.

    evictionPolicy
    SpotEvictionPolicy
    (Optional)

    EvictionPolicy defines the behavior of the virtual machine when it is evicted. It can be either Delete or Deallocate.

    SubnetClassSpec

    (Appears on:SubnetSpec, SubnetTemplateSpec)

    SubnetClassSpec defines the SubnetSpec properties that may be shared across several Azure clusters.

    Field Description
    name
    string

    Name defines a name for the subnet resource.

    role
    SubnetRole

    Role defines the subnet role (e.g. Node, ControlPlane).

    cidrBlocks
    []string
    (Optional)

    CIDRBlocks defines the subnet’s address space, specified as one or more address prefixes in CIDR notation.

    serviceEndpoints
    ServiceEndpoints
    (Optional)

    ServiceEndpoints is a slice of Virtual Network service endpoints to enable for the subnets.

    privateEndpoints
    PrivateEndpoints
    (Optional)

    PrivateEndpoints defines a list of private endpoints that should be attached to this subnet.

    SubnetRole (string alias)

    (Appears on:SubnetClassSpec)

    SubnetRole defines the unique role of a subnet.

    Value Description

    "bastion"

    DefaultAzureBastionSubnetRole is the default Subnet role for AzureBastion.

    "bastion"

    SubnetBastion defines a Bastion subnet role.

    "cluster"

    SubnetCluster defines a role that can be used for both Kubernetes control plane node and Kubernetes workload node.

    "control-plane"

    SubnetControlPlane defines a Kubernetes control plane node role.

    "node"

    SubnetNode defines a Kubernetes workload node role.

    SubnetSpec

    (Appears on:AzureBastion)

    SubnetSpec configures an Azure subnet.

    Field Description
    id
    string
    (Optional)

    ID is the Azure resource ID of the subnet. READ-ONLY

    securityGroup
    SecurityGroup
    (Optional)

    SecurityGroup defines the NSG (network security group) that should be attached to this subnet.

    routeTable
    RouteTable
    (Optional)

    RouteTable defines the route table that should be attached to this subnet.

    natGateway
    NatGateway
    (Optional)

    NatGateway associated with this subnet.

    SubnetClassSpec
    SubnetClassSpec

    (Members of SubnetClassSpec are embedded into this type.)

    SubnetTemplateSpec

    (Appears on:AzureBastionTemplateSpec)

    SubnetTemplateSpec specifies a template for a subnet.

    Field Description
    SubnetClassSpec
    SubnetClassSpec

    (Members of SubnetClassSpec are embedded into this type.)

    securityGroup
    SecurityGroupClass
    (Optional)

    SecurityGroup defines the NSG (network security group) that should be attached to this subnet.

    natGateway
    NatGatewayClassSpec
    (Optional)

    NatGateway associated with this subnet.

    SubnetTemplatesSpec ([]./api/v1beta1.SubnetTemplateSpec alias)

    (Appears on:NetworkTemplateSpec)

    SubnetTemplatesSpec specifies a list of subnet templates.

    Subnets ([]./api/v1beta1.SubnetSpec alias)

    (Appears on:NetworkSpec)

    Subnets is a slice of Subnet.

    SysctlConfig

    (Appears on:LinuxOSConfig)

    SysctlConfig specifies the settings for Linux agent nodes.

    Field Description
    fsAioMaxNr
    int
    (Optional)

    FsAioMaxNr specifies the maximum number of system-wide asynchronous io requests. Valid values are 65536-6553500 (inclusive). Maps to fs.aio-max-nr.

    fsFileMax
    int
    (Optional)

    FsFileMax specifies the maximum number of file handles that the Linux kernel will allocate; increasing it increases the maximum number of open files permitted. Valid values are 8192-12000500 (inclusive). Maps to fs.file-max.

    fsInotifyMaxUserWatches
    int
    (Optional)

    FsInotifyMaxUserWatches specifies the number of file watches allowed by the system. Each watch is roughly 90 bytes on a 32-bit kernel, and roughly 160 bytes on a 64-bit kernel. Valid values are 781250-2097152 (inclusive). Maps to fs.inotify.max_user_watches.

    fsNrOpen
    int
    (Optional)

    FsNrOpen specifies the maximum number of file-handles a process can allocate. Valid values are 8192-20000500 (inclusive). Maps to fs.nr_open.

    kernelThreadsMax
    int
    (Optional)

    KernelThreadsMax specifies the maximum number of all threads that can be created. Valid values are 20-513785 (inclusive). Maps to kernel.threads-max.

    netCoreNetdevMaxBacklog
    int
    (Optional)

    NetCoreNetdevMaxBacklog specifies the maximum number of packets queued on the INPUT side when the interface receives packets faster than the kernel can process them. Valid values are 1000-3240000 (inclusive). Maps to net.core.netdev_max_backlog.

    netCoreOptmemMax
    int
    (Optional)

    NetCoreOptmemMax specifies the maximum ancillary buffer size (option memory buffer) allowed per socket. Socket option memory is used in a few cases to store extra structures relating to usage of the socket. Valid values are 20480-4194304 (inclusive). Maps to net.core.optmem_max.

    netCoreRmemDefault
    int
    (Optional)

    NetCoreRmemDefault specifies the default receive socket buffer size in bytes. Valid values are 212992-134217728 (inclusive). Maps to net.core.rmem_default.

    netCoreRmemMax
    int
    (Optional)

    NetCoreRmemMax specifies the maximum receive socket buffer size in bytes. Valid values are 212992-134217728 (inclusive). Maps to net.core.rmem_max.

    netCoreSomaxconn
    int
    (Optional)

    NetCoreSomaxconn specifies the maximum number of connection requests that can be queued for any given listening socket. It is an upper limit for the value of the backlog parameter passed to the listen(2) function (https://man7.org/linux/man-pages/man2/listen.2.html). If the backlog argument is greater than somaxconn, it is silently truncated to this limit. Valid values are 4096-3240000 (inclusive). Maps to net.core.somaxconn.

    netCoreWmemDefault
    int
    (Optional)

    NetCoreWmemDefault specifies the default send socket buffer size in bytes. Valid values are 212992-134217728 (inclusive). Maps to net.core.wmem_default.

    netCoreWmemMax
    int
    (Optional)

    NetCoreWmemMax specifies the maximum send socket buffer size in bytes. Valid values are 212992-134217728 (inclusive). Maps to net.core.wmem_max.

    netIpv4IPLocalPortRange
    string
    (Optional)

    NetIpv4IPLocalPortRange is used by TCP and UDP traffic to choose the local port on the agent node. PortRange should be specified in the format “first last”. First, being an integer, must be between [1024 - 60999]. Last, being an integer, must be between [32768 - 65000]. Maps to net.ipv4.ip_local_port_range.

    netIpv4NeighDefaultGcThresh1
    int
    (Optional)

    NetIpv4NeighDefaultGcThresh1 specifies the minimum number of entries that may be in the ARP cache. Garbage collection won’t be triggered if the number of entries is below this setting. Valid values are 128-80000 (inclusive). Maps to net.ipv4.neigh.default.gc_thresh1.

    netIpv4NeighDefaultGcThresh2
    int
    (Optional)

    NetIpv4NeighDefaultGcThresh2 specifies the soft maximum number of entries that may be in the ARP cache. ARP garbage collection will be triggered about 5 seconds after reaching this soft maximum. Valid values are 512-90000 (inclusive). Maps to net.ipv4.neigh.default.gc_thresh2.

    netIpv4NeighDefaultGcThresh3
    int
    (Optional)

    NetIpv4NeighDefaultGcThresh3 specifies the hard maximum number of entries in the ARP cache. Valid values are 1024-100000 (inclusive). Maps to net.ipv4.neigh.default.gc_thresh3.

    netIpv4TCPFinTimeout
    int
    (Optional)

    NetIpv4TCPFinTimeout specifies the length of time an orphaned connection will remain in the FIN_WAIT_2 state before it’s aborted at the local end. Valid values are 5-120 (inclusive). Maps to net.ipv4.tcp_fin_timeout.

    netIpv4TCPKeepaliveProbes
    int
    (Optional)

    NetIpv4TCPKeepaliveProbes specifies the number of keepalive probes TCP sends out, until it decides the connection is broken. Valid values are 1-15 (inclusive). Maps to net.ipv4.tcp_keepalive_probes.

    netIpv4TCPKeepaliveTime
    int
    (Optional)

    NetIpv4TCPKeepaliveTime specifies the rate at which TCP sends out a keepalive message when keepalive is enabled. Valid values are 30-432000 (inclusive). Maps to net.ipv4.tcp_keepalive_time.

    netIpv4TCPMaxSynBacklog
    int
    (Optional)

    NetIpv4TCPMaxSynBacklog specifies the maximum number of queued connection requests that have still not received an acknowledgment from the connecting client. If this number is exceeded, the kernel will begin dropping requests. Valid values are 128-3240000 (inclusive). Maps to net.ipv4.tcp_max_syn_backlog.

    netIpv4TCPMaxTwBuckets
    int
    (Optional)

    NetIpv4TCPMaxTwBuckets specifies the maximum number of time-wait sockets held by the system simultaneously. If this number is exceeded, the time-wait socket is immediately destroyed and a warning is printed. Valid values are 8000-1440000 (inclusive). Maps to net.ipv4.tcp_max_tw_buckets.

    netIpv4TCPTwReuse
    bool
    (Optional)

    NetIpv4TCPTwReuse allows TIME-WAIT sockets to be reused for new connections when it’s safe from a protocol viewpoint. Maps to net.ipv4.tcp_tw_reuse.

    netIpv4TCPkeepaliveIntvl
    int
    (Optional)

    NetIpv4TCPkeepaliveIntvl specifies the frequency of the probes sent out. Multiplied by tcpKeepaliveprobes, it makes up the time to kill a connection that isn’t responding, after probes started. Valid values are 1-75 (inclusive). Maps to net.ipv4.tcp_keepalive_intvl.

    netNetfilterNfConntrackBuckets
    int
    (Optional)

    NetNetfilterNfConntrackBuckets specifies the size of the hash table used by the nf_conntrack module to record established TCP connections. Valid values are 65536-147456 (inclusive). Maps to net.netfilter.nf_conntrack_buckets.

    netNetfilterNfConntrackMax
    int
    (Optional)

    NetNetfilterNfConntrackMax specifies the maximum number of connections supported by the nf_conntrack module, that is, the size of the connection tracking table. Valid values are 131072-1048576 (inclusive). Maps to net.netfilter.nf_conntrack_max.

    vmMaxMapCount
    int
    (Optional)

    VMMaxMapCount specifies the maximum number of memory map areas a process may have. Maps to vm.max_map_count. Valid values are 65530-262144 (inclusive).

    vmSwappiness
    int
    (Optional)

    VMSwappiness specifies how aggressively the kernel swaps memory pages. Higher values increase aggressiveness; lower values decrease the amount of swap. Valid values are 0-100 (inclusive). Maps to vm.swappiness.

    vmVfsCachePressure
    int
    (Optional)

    VMVfsCachePressure specifies the percentage value that controls the tendency of the kernel to reclaim the memory used for caching directory and inode objects. Valid values are 1-500 (inclusive). Maps to vm.vfs_cache_pressure.

    SystemAssignedIdentityRole

    (Appears on:AzureMachineSpec)

    SystemAssignedIdentityRole defines the role and scope to assign to the system assigned identity.

    Field Description
    name
    string
    (Optional)

    Name is the name of the role assignment to create for a system assigned identity. It can be any valid UUID. If not specified, a random UUID will be generated.

    definitionID
    string
    (Optional)

    DefinitionID is the ID of the role definition to create for a system assigned identity. It can be an Azure built-in role or a custom role. Refer to built-in roles: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

    scope
    string
    (Optional)

    Scope is the scope that the role assignment or definition applies to. The scope can be any REST resource instance. If not specified, the scope will be the subscription.

    Tags (map[string]string alias)

    (Appears on:AzureClusterClassSpec, AzureMachineSpec, AzureManagedControlPlaneClassSpec, AzureManagedMachinePoolClassSpec, BuildParams, SecurityGroupClass, VMExtension, VnetClassSpec)

    Tags defines a map of tags.

    Taint

    Taint represents a Kubernetes taint.

    Field Description
    effect
    TaintEffect

    Effect specifies the effect for the taint

    key
    string

    Key is the key of the taint

    value
    string

    Value is the value of the taint

    TaintEffect (string alias)

    (Appears on:Taint)

    TaintEffect is the effect for a Kubernetes taint.

    Taints ([]./api/v1beta1.Taint alias)

    (Appears on:AzureManagedMachinePoolClassSpec)

    Taints is an array of Taints.

    TopologyManagerPolicy (string alias)

    (Appears on:KubeletConfig)

    TopologyManagerPolicy enumerates the values for KubeletConfig.TopologyManagerPolicy.

    Value Description

    "best-effort"

    TopologyManagerPolicyBestEffort …

    "none"

    TopologyManagerPolicyNone …

    "restricted"

    TopologyManagerPolicyRestricted …

    "single-numa-node"

    TopologyManagerPolicySingleNumaNode …

    TransparentHugePageOption (string alias)

    (Appears on:LinuxOSConfig)

    TransparentHugePageOption enumerates the values for various modes of Transparent Hugepages.

    Value Description

    "always"

    TransparentHugePageOptionAlways …

    "defer"

    TransparentHugePageOptionDefer …

    "defer+madvise"

    TransparentHugePageOptionDeferMadvise …

    "madvise"

    TransparentHugePageOptionMadvise …

    "never"

    TransparentHugePageOptionNever …

    UefiSettings

    (Appears on:SecurityProfile)

    UefiSettings specifies the security settings like secure boot and vTPM used while creating the virtual machine.

    Field Description
    secureBootEnabled
    bool
    (Optional)

    SecureBootEnabled specifies whether secure boot should be enabled on the virtual machine. Secure Boot verifies the digital signature of all boot components and halts the boot process if signature verification fails. If omitted, the platform chooses a default, which is subject to change over time; currently that default is false.

    vTpmEnabled
    bool
    (Optional)

    VTpmEnabled specifies whether vTPM should be enabled on the virtual machine. When true, it enables the virtualized trusted platform module measurements to create a known good boot integrity policy baseline. The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. This is required to be set to Enabled if SecurityEncryptionType is defined. If omitted, the platform chooses a default, which is subject to change over time; currently that default is false.

    UpgradeChannel (string alias)

    (Appears on:ManagedClusterAutoUpgradeProfile)

    UpgradeChannel determines the type of upgrade channel for automatically upgrading the cluster. See also AKS doc.

    Value Description

    "node-image"

    UpgradeChannelNodeImage automatically upgrades the node image to the latest version available. Consider using nodeOSUpgradeChannel instead as that allows you to configure node OS patching separate from Kubernetes version patching.

    "none"

    UpgradeChannelNone disables auto-upgrades and keeps the cluster at its current version of Kubernetes.

    "patch"

    UpgradeChannelPatch automatically upgrades the cluster to the latest supported patch version when it becomes available while keeping the minor version the same. For example, if a cluster is running version 1.17.7 while versions 1.17.9, 1.18.4, 1.18.6, and 1.19.1 are available, the cluster will be upgraded to 1.17.9.

    "rapid"

    UpgradeChannelRapid automatically upgrades the cluster to the latest supported patch release on the latest supported minor version. In cases where the cluster is at a version of Kubernetes that is at an N-2 minor version where N is the latest supported minor version, the cluster first upgrades to the latest supported patch version on N-1 minor version. For example, if a cluster is running version 1.17.7 while versions 1.17.9, 1.18.4, 1.18.6, and 1.19.1 are available, the cluster will first be upgraded to 1.18.6 and then to 1.19.1.

    "stable"

    UpgradeChannelStable automatically upgrades the cluster to the latest supported patch release on minor version N-1, where N is the latest supported minor version. For example, if a cluster is running version 1.17.7 while versions 1.17.9, 1.18.4, 1.18.6, and 1.19.1 are available, the cluster will be upgraded to 1.18.6.

    UserAssignedIdentity

    (Appears on:AzureMachineSpec)

    UserAssignedIdentity defines the user-assigned identities provided by the user to be assigned to Azure resources.

    Field Description
    providerID
    string

    ProviderID is the identification ID of the user-assigned Identity, the format of an identity is: ‘azure:///subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}’

    UserManagedBootDiagnostics

    (Appears on:BootDiagnostics)

    UserManagedBootDiagnostics provides a reference to a user-managed storage account.

    Field Description
    storageAccountURI
    string

    StorageAccountURI is the URI of the user-managed storage account. The URI typically will be https://<mystorageaccountname>.blob.core.windows.net/ but may differ if you are using Azure DNS zone endpoints. You can find the correct endpoint by looking for the Blob Primary Endpoint in the endpoints tab in the Azure console or with the CLI by issuing az storage account list --query='[].{name: name, "resource group": resourceGroup, "blob endpoint": primaryEndpoints.blob}'.

    VMDiskSecurityProfile

    (Appears on:ManagedDiskParameters)

    VMDiskSecurityProfile specifies the security profile settings for the managed disk. It can be set only for Confidential VMs.

    Field Description
    diskEncryptionSet
    DiskEncryptionSetParameters
    (Optional)

    DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob.

    securityEncryptionType
    SecurityEncryptionType
    (Optional)

    SecurityEncryptionType specifies the encryption type of the managed disk. It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and VirtualizedTrustedPlatformModule should be set to Enabled. It can be set only for Confidential VMs.
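
    The cross-field rules stated for securityEncryptionType, secureBootEnabled and vTpmEnabled can be checked before a manifest is applied. The following is an added example, not code from the project: the types and CheckConfidentialVM are hypothetical stand-ins, encryptionAtHost is assumed to be a boolean alongside the UEFI settings, and an omitted boolean is treated as false because the platform default is documented as subject to change.

```go
package main

import "fmt"

// Hypothetical stand-ins for the documented fields, not the CAPZ API types; nil models an omitted field.
type UefiSettings struct {
	SecureBootEnabled *bool
	VTpmEnabled       *bool
}

type MachineSecurity struct {
	SecurityEncryptionType string // "", "VMGuestStateOnly" or "DiskWithVMGuestState"
	EncryptionAtHost       *bool  // assumed to sit beside the UEFI settings
	Uefi                   *UefiSettings
}

func isTrue(b *bool) bool { return b != nil && *b }

// CheckConfidentialVM returns one finding per documented constraint violated.
// Omitted booleans count as false: the default is documented as subject to change.
func CheckConfidentialVM(m MachineSecurity) []string {
	var findings []string
	var secureBoot, vtpm bool
	if m.Uefi != nil {
		secureBoot, vtpm = isTrue(m.Uefi.SecureBootEnabled), isTrue(m.Uefi.VTpmEnabled)
	}
	switch m.SecurityEncryptionType {
	case "": // no Confidential VM disk profile requested, nothing to check
	case "VMGuestStateOnly", "DiskWithVMGuestState":
		if !vtpm {
			findings = append(findings, "vTpmEnabled must be set to true explicitly")
		}
		if m.SecurityEncryptionType == "DiskWithVMGuestState" {
			if !secureBoot {
				findings = append(findings, "secureBootEnabled must be set to true explicitly")
			}
			if isTrue(m.EncryptionAtHost) {
				findings = append(findings, "encryptionAtHost must be disabled")
			}
		}
	default:
		findings = append(findings, fmt.Sprintf("unknown securityEncryptionType %q", m.SecurityEncryptionType))
	}
	return findings
}

func main() { // constructed sample: secure boot left to the platform default
	on := true
	fmt.Println(CheckConfidentialVM(MachineSecurity{SecurityEncryptionType: "DiskWithVMGuestState", EncryptionAtHost: &on, Uefi: &UefiSettings{VTpmEnabled: &on}}))
}
```

    Relying on the omitted-field default would pass today only by accident, so the check requires the booleans to be stated in the spec.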

    VMExtension

    (Appears on:AzureMachineSpec)

    VMExtension specifies the parameters for a custom VM extension.

    Field Description
    name
    string

    Name is the name of the extension.

    publisher
    string

    Publisher is the name of the extension handler publisher.

    version
    string

    Version specifies the version of the script handler.

    settings
    Tags
    (Optional)

    Settings is the JSON-formatted public settings for the extension.

    protectedSettings
    Tags
    (Optional)

    ProtectedSettings is the JSON-formatted protected settings for the extension.

    VMIdentity (string alias)

    (Appears on:AzureMachineSpec)

    VMIdentity defines the identity of the virtual machine, if configured.

    Value Description

    "None"

    VMIdentityNone …

    "SystemAssigned"

    VMIdentitySystemAssigned …

    "UserAssigned"

    VMIdentityUserAssigned …

    VMState (string alias)

    VMState describes the state of an Azure virtual machine. Deprecated: use ProvisioningState.

    VnetClassSpec

    (Appears on:VnetSpec, VnetTemplateSpec)

    VnetClassSpec defines the VnetSpec properties that may be shared across several Azure clusters.

    Field Description
    cidrBlocks
    []string
    (Optional)

    CIDRBlocks defines the virtual network’s address space, specified as one or more address prefixes in CIDR notation.

    tags
    Tags
    (Optional)

    Tags is a collection of tags describing the resource.

    VnetPeeringClassSpec

    (Appears on:VnetPeeringSpec)

    VnetPeeringClassSpec specifies a virtual network peering class.

    Field Description
    resourceGroup
    string
    (Optional)

    ResourceGroup is the resource group name of the remote virtual network.

    remoteVnetName
    string

    RemoteVnetName defines the name of the remote virtual network.

    forwardPeeringProperties
    VnetPeeringProperties
    (Optional)

    ForwardPeeringProperties specifies VnetPeeringProperties for peering from the cluster’s virtual network to the remote virtual network.

    reversePeeringProperties
    VnetPeeringProperties
    (Optional)

    ReversePeeringProperties specifies VnetPeeringProperties for peering from the remote virtual network to the cluster’s virtual network.

    VnetPeeringProperties

    (Appears on:VnetPeeringClassSpec)

    VnetPeeringProperties specifies virtual network peering properties.

    Field Description
    allowForwardedTraffic
    bool
    (Optional)

    AllowForwardedTraffic specifies whether forwarded traffic from the VMs in the local virtual network is allowed or disallowed in the remote virtual network.

    allowGatewayTransit
    bool
    (Optional)

    AllowGatewayTransit specifies whether gateway links can be used in the remote virtual network to link to this virtual network.

    allowVirtualNetworkAccess
    bool
    (Optional)

    AllowVirtualNetworkAccess specifies whether the VMs in the local virtual network space are able to access the VMs in the remote virtual network space.

    useRemoteGateways
    bool
    (Optional)

    UseRemoteGateways specifies whether remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on the remote peering is also set to true, the virtual network will use the gateways of the remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if the virtual network already has a gateway.

    VnetPeeringSpec

    VnetPeeringSpec specifies an existing remote virtual network to peer with the AzureCluster’s virtual network.

    Field Description
    VnetPeeringClassSpec
    VnetPeeringClassSpec

    (Members of VnetPeeringClassSpec are embedded into this type.)

    VnetPeerings ([]./api/v1beta1.VnetPeeringSpec alias)

    (Appears on:VnetSpec)

    VnetPeerings is a slice of VnetPeering.

    VnetPeeringsTemplateSpec ([]./api/v1beta1.VnetPeeringClassSpec alias)

    (Appears on:VnetTemplateSpec)

    VnetPeeringsTemplateSpec defines a list of peerings of the newly created virtual network with existing virtual networks.

    VnetSpec

    (Appears on:NetworkSpec)

    VnetSpec configures an Azure virtual network.

    Field Description
    resourceGroup
    string
    (Optional)

    ResourceGroup is the name of the resource group of the existing virtual network or the resource group where a managed virtual network should be created.

    id
    string
    (Optional)

    ID is the Azure resource ID of the virtual network. READ-ONLY

    name
    string

    Name defines a name for the virtual network resource.

    peerings
    VnetPeerings
    (Optional)

    Peerings defines a list of peerings of the newly created virtual network with existing virtual networks.

    VnetClassSpec
    VnetClassSpec

    (Members of VnetClassSpec are embedded into this type.)

    VnetTemplateSpec

    (Appears on:NetworkTemplateSpec)

    VnetTemplateSpec defines the desired state of a virtual network.

    Field Description
    VnetClassSpec
    VnetClassSpec

    (Members of VnetClassSpec are embedded into this type.)

    peerings
    VnetPeeringsTemplateSpec
    (Optional)

    Peerings defines a list of peerings of the newly created virtual network with existing virtual networks.


    Generated with gen-crd-api-reference-docs on git commit 32165d08.