az aks addon
Note
This reference is part of the aks-preview extension for the Azure CLI (version 2.61.0 or higher). The extension will automatically install the first time you run an az aks addon command. Learn more about extensions.
Commands to manage and view single addon conditions.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az aks addon disable |
Disable an enabled Kubernetes addon in a cluster. |
Extension | GA |
| az aks addon enable |
Enable a Kubernetes addon. |
Extension | GA |
| az aks addon list |
List status of all Kubernetes addons in given cluster. |
Extension | GA |
| az aks addon list-available |
List available Kubernetes addons. |
Extension | GA |
| az aks addon show |
Show status and configuration for an enabled Kubernetes addon in a given cluster. |
Extension | GA |
| az aks addon update |
Update an already enabled Kubernetes addon. |
Extension | GA |
az aks addon disable
Disable an enabled Kubernetes addon in a cluster.
az aks addon disable --addon
--name
--resource-group
[--no-wait]Examples
Disable the "monitoring" addon.
az aks addon disable -g myResourceGroup -n myAKSCluster -a monitoringRequired Parameters
Specify the Kubernetes addon to disable.
Name of the managed cluster.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Do not wait for the long-running operation to finish.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az aks addon enable
Enable a Kubernetes addon.
These addons are available: http_application_routing - configure ingress with automatic public DNS name creation. monitoring - turn on Log Analytics monitoring. Uses the Log Analytics Default Workspace if it exists, else creates one. Specify "--workspace-resource-id" to use an existing workspace. If monitoring addon is enabled --no-wait argument will have no effect virtual-node - enable AKS Virtual Node. Requires --subnet-name to provide the name of an existing subnet for the Virtual Node to use. azure-policy - enable Azure policy. The Azure Policy add-on for AKS enables at-scale enforcements and safeguards on your clusters in a centralized, consistent manner. Learn more at aka.ms/aks/policy. ingress-appgw - enable Application Gateway Ingress Controller addon (PREVIEW). open-service-mesh - enable Open Service Mesh addon (PREVIEW). gitops - enable GitOps (PREVIEW). azure-keyvault-secrets-provider - enable Azure Keyvault Secrets Provider addon. web_application_routing - enable Web Application Routing addon (PREVIEW). Specify "--dns-zone-resource-id" to configure DNS.
az aks addon enable --addon
--name
--resource-group
[--ampls-resource-id]
[--appgw-id]
[--appgw-name]
[--appgw-subnet-cidr]
[--appgw-subnet-id]
[--appgw-subnet-prefix]
[--appgw-watch-namespace]
[--data-collection-settings]
[--dns-zone-resource-id]
[--dns-zone-resource-ids]
[--enable-high-log-scale-mode {false, true}]
[--enable-msi-auth-for-monitoring {false, true}]
[--enable-secret-rotation]
[--enable-sgxquotehelper]
[--enable-syslog {false, true}]
[--no-wait]
[--rotation-poll-interval]
[--subnet-name]
[--workspace-resource-id]Examples
Enable a Kubernetes addon. (autogenerated)
az aks addon enable --addon virtual-node --name MyManagedCluster --resource-group MyResourceGroup --subnet-name VirtualNodeSubnetEnable ingress-appgw addon with subnet prefix.
az aks addon enable --name MyManagedCluster --resource-group MyResourceGroup --addon ingress-appgw --appgw-subnet-cidr 10.2.0.0/16 --appgw-name gatewayEnable open-service-mesh addon.
az aks addon enable --name MyManagedCluster --resource-group MyResourceGroup -a open-service-meshRequired Parameters
Specify the Kubernetes addon to enable.
Name of the managed cluster.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Resource ID of Azure Monitor Private Link scope for Monitoring Addon.
Resource Id of an existing Application Gateway to use with AGIC. Use with ingress-azure addon.
Name of the application gateway to create/use in the node resource group. Use with ingress-azure addon.
Subnet CIDR to use for a new subnet created to deploy the Application Gateway. Use with ingress-azure addon.
Resource Id of an existing Subnet used to deploy the Application Gateway. Use with ingress-azure addon.
Argument 'appgw_subnet_prefix' has been deprecated and will be removed in a future release. Use '--appgw-subnet-cidr' instead.
Subnet Prefix to use for a new subnet created to deploy the Application Gateway. Use with ingress-azure addon.
Specify the namespace, which AGIC should watch. This could be a single string value, or a comma-separated list of namespaces. Use with ingress-azure addon.
Path to JSON file containing data collection settings for Monitoring addon.
Option '--dns-zone-resource-id' has been deprecated and will be removed in a future release. Use '--dns-zone-resource-ids' instead.
The resource ID of the DNS zone resource to use with the web_application_routing addon.
A comma separated list of resource IDs of the DNS zone resource to use with the web_application_routing addon.
Enable High Log Scale Mode for Container Logs.
Send monitoring data to Log Analytics using the cluster's assigned identity (instead of the Log Analytics Workspace's shared key).
Enable secret rotation. Use with azure-keyvault-secrets-provider addon.
Enable SGX quote helper for confcom addon.
Enable syslog data collection for Monitoring addon.
Do not wait for the long-running operation to finish.
Set interval of rotation poll. Use with azure-keyvault-secrets-provider addon.
The subnet name for the virtual node to use.
The resource ID of an existing Log Analytics Workspace to use for storing monitoring data.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az aks addon list
List status of all Kubernetes addons in given cluster.
az aks addon list --name
--resource-groupRequired Parameters
Name of the managed cluster.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az aks addon list-available
List available Kubernetes addons.
az aks addon list-availableGlobal Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az aks addon show
Show status and configuration for an enabled Kubernetes addon in a given cluster.
az aks addon show --addon
--name
--resource-groupExamples
Show configuration for "monitoring" addon.
az aks addon show -g myResourceGroup -n myAKSCluster -a monitoringRequired Parameters
Specify the Kubernetes addon.
Name of the managed cluster.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az aks addon update
Update an already enabled Kubernetes addon.
az aks addon update --addon
--name
--resource-group
[--ampls-resource-id]
[--appgw-id]
[--appgw-name]
[--appgw-subnet-cidr]
[--appgw-subnet-id]
[--appgw-subnet-prefix]
[--appgw-watch-namespace]
[--data-collection-settings]
[--dns-zone-resource-id]
[--dns-zone-resource-ids]
[--enable-high-log-scale-mode {false, true}]
[--enable-msi-auth-for-monitoring {false, true}]
[--enable-secret-rotation]
[--enable-sgxquotehelper]
[--enable-syslog {false, true}]
[--no-wait]
[--rotation-poll-interval]
[--subnet-name]
[--workspace-resource-id]Examples
Update a Kubernetes addon. (autogenerated)
az aks addon update --addon virtual-node --name MyManagedCluster --resource-group MyResourceGroup --subnet-name VirtualNodeSubnetUpdate ingress-appgw addon with subnet prefix.
az aks addon update --name MyManagedCluster --resource-group MyResourceGroup --addon ingress-appgw --appgw-subnet-cidr 10.2.0.0/16 --appgw-name gatewayUpdate monitoring addon with workspace resource id.
az aks addon update -g $rg -n $cn -a monitoring --workspace-resource-id=/subscriptions/0000000-00000000-00000-000-000/resourcegroups/myresourcegroup/providers/microsoft.operationalinsights/workspaces/defaultlaworkspaceRequired Parameters
Specify the Kubernetes addon to update.
Name of the managed cluster.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Resource ID of Azure Monitor Private Link scope for Monitoring Addon.
Resource Id of an existing Application Gateway to use with AGIC. Use with ingress-azure addon.
Name of the application gateway to create/use in the node resource group. Use with ingress-azure addon.
Subnet CIDR to use for a new subnet created to deploy the Application Gateway. Use with ingress-azure addon.
Resource Id of an existing Subnet used to deploy the Application Gateway. Use with ingress-azure addon.
Argument 'appgw_subnet_prefix' has been deprecated and will be removed in a future release. Use '--appgw-subnet-cidr' instead.
Subnet Prefix to use for a new subnet created to deploy the Application Gateway. Use with ingress-azure addon.
Specify the namespace, which AGIC should watch. This could be a single string value, or a comma-separated list of namespaces. Use with ingress-azure addon.
Path to JSON file containing data collection settings for Monitoring addon.
Option '--dns-zone-resource-id' has been deprecated and will be removed in a future release. Use '--dns-zone-resource-ids' instead.
The resource ID of the DNS zone resource to use with the web_application_routing addon.
A comma separated list of resource IDs of the DNS zone resource to use with the web_application_routing addon.
Enable High Log Scale Mode for Container Logs.
Send monitoring data to Log Analytics using the cluster's assigned identity (instead of the Log Analytics Workspace's shared key).
Enable secret rotation. Use with azure-keyvault-secrets-provider addon.
Enable SGX quote helper for confcom addon.
Enable syslog data collection for Monitoring addon.
Do not wait for the long-running operation to finish.
Set interval of rotation poll. Use with azure-keyvault-secrets-provider addon.
The subnet name for the virtual node to use.
The resource ID of an existing Log Analytics Workspace to use for storing monitoring data.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
