Managed Clusters - Create Or Update

Service:

AKS

API Version:

2020-09-01

Creates or updates a managed cluster with the specified configuration for agents and Kubernetes version.

HTTP

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}?api-version=2020-09-01

URI Parameters

Name	In	Required	Type	Description
resourceGroupName	path	True	string	The name of the resource group.
resourceName	path	True	string	The name of the managed cluster resource. Regex pattern: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$
subscriptionId	path	True	string	Subscription credentials which uniquely identify Microsoft Azure subscription. The subscription ID forms part of the URI for every service call.
api-version	query	True	string	Client Api Version.

Request Body

Name	Required	Type	Description
location	True	string	Resource location
identity		ManagedClusterIdentity	The identity of the managed cluster, if configured.
properties.aadProfile		ManagedClusterAADProfile	Profile of Azure Active Directory configuration.
properties.addonProfiles		<string,  ManagedClusterAddonProfile>	Profile of managed cluster add-on.
properties.agentPoolProfiles		ManagedClusterAgentPoolProfile[]	Properties of the agent pool.
properties.apiServerAccessProfile		ManagedClusterAPIServerAccessProfile	Access profile for managed cluster API server.
properties.autoScalerProfile		AutoScalerProfile	Parameters to be applied to the cluster-autoscaler when enabled
properties.diskEncryptionSetID		string	ResourceId of the disk encryption set to use for enabling encryption at rest.
properties.dnsPrefix		string	DNS prefix specified when creating the managed cluster.
properties.enablePodSecurityPolicy		boolean	(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.
properties.enableRBAC		boolean	Whether to enable Kubernetes Role-Based Access Control.
properties.identityProfile			Identities associated with the cluster.
properties.kubernetesVersion		string	Version of Kubernetes specified when creating the managed cluster.
properties.linuxProfile		ContainerServiceLinuxProfile	Profile for Linux VMs in the container service cluster.
properties.networkProfile		ContainerServiceNetworkProfile	Profile of network configuration.
properties.nodeResourceGroup		string	Name of the resource group containing agent pool nodes.
properties.servicePrincipalProfile		ManagedClusterServicePrincipalProfile	Information about a service principal identity for the cluster to use for manipulating Azure APIs.
properties.windowsProfile		ManagedClusterWindowsProfile	Profile for Windows VMs in the container service cluster.
sku		ManagedClusterSKU	The managed cluster SKU.
tags		object	Resource tags

Responses

Name	Type	Description
200 OK	ManagedCluster	OK
201 Created	ManagedCluster	Created
Other Status Codes	CloudError	Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Description
user_impersonation	impersonate your user account

Examples

Create Managed Cluster with PPG

Create/Update AAD Managed Cluster with EnableAzureRBAC

Create/Update Managed Cluster

Create/Update Managed Cluster with EnableAHUB

Create Managed Cluster with PPG

Sample request

HTTP

HTTP

PUT https://management.azure.com/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2020-09-01

{
  "location": "location1",
  "tags": {
    "tier": "production",
    "archv2": ""
  },
  "sku": {
    "name": "Basic",
    "tier": "Free"
  },
  "properties": {
    "kubernetesVersion": "",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS2_v2",
        "osType": "Linux",
        "type": "VirtualMachineScaleSets",
        "enableNodePublicIP": true,
        "mode": "System",
        "proximityPlacementGroupID": "/subscriptions/subid1/resourcegroups/rg1/providers//Microsoft.Compute/proximityPlacementGroups/ppg1"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "networkProfile": {
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "managedOutboundIPs": {
          "count": 2
        }
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    },
    "windowsProfile": {
      "adminUsername": "azureuser",
      "adminPassword": "replacePassword1234$"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid",
      "secret": "secret"
    },
    "addonProfiles": {},
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true
  }
}

Sample response

Status code:

200

JSON

{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Succeeded",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS2_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Succeeded",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "enableNodePublicIP": true,
        "mode": "System",
        "nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
        "proximityPlacementGroupID": "/subscriptions/subid1/resourcegroups/rg1/providers//Microsoft.Compute/proximityPlacementGroups/ppg1"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
    "networkProfile": {
      "loadBalancerSku": "basic",
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    }
  }
}

Status code:

201

JSON

{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Creating",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS2_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Creating",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "enableNodePublicIP": true,
        "mode": "System",
        "proximityPlacementGroupID": "/subscriptions/subid1/resourcegroups/rg1/providers//Microsoft.Compute/proximityPlacementGroups/ppg1"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "networkProfile": {
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    }
  }
}

Create/Update AAD Managed Cluster with EnableAzureRBAC

Sample request

HTTP

HTTP

PUT https://management.azure.com/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2020-09-01

{
  "location": "location1",
  "tags": {
    "tier": "production",
    "archv2": ""
  },
  "sku": {
    "name": "Basic",
    "tier": "Free"
  },
  "properties": {
    "kubernetesVersion": "",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "osType": "Linux",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "networkProfile": {
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "managedOutboundIPs": {
          "count": 2
        }
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    },
    "windowsProfile": {
      "adminUsername": "azureuser",
      "adminPassword": "replacePassword1234$"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid",
      "secret": "secret"
    },
    "addonProfiles": {},
    "aadProfile": {
      "managed": true,
      "enableAzureRBAC": true
    },
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true
  }
}

Sample response

Status code:

200

JSON

{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Succeeded",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Succeeded",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System",
        "nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
    "networkProfile": {
      "loadBalancerSku": "basic",
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "aadProfile": {
      "managed": true,
      "adminGroupObjectIDs": null,
      "enableAzureRBAC": true,
      "tenantID": "tenantID"
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    }
  }
}

Status code:

201

JSON

{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Creating",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Creating",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "networkProfile": {
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "aadProfile": {
      "managed": true,
      "adminGroupObjectIDs": null,
      "enableAzureRBAC": true,
      "tenantID": "tenantID"
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    }
  }
}

Create/Update Managed Cluster

Sample request

HTTP

HTTP

PUT https://management.azure.com/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2020-09-01

{
  "location": "location1",
  "tags": {
    "tier": "production",
    "archv2": ""
  },
  "sku": {
    "name": "Basic",
    "tier": "Free"
  },
  "properties": {
    "kubernetesVersion": "",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "osType": "Linux",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "networkProfile": {
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "managedOutboundIPs": {
          "count": 2
        }
      }
    },
    "autoScalerProfile": {
      "balance-similar-node-groups": "true",
      "expander": "most-pods",
      "new-pod-scale-up-delay": "1m",
      "scale-down-delay-after-add": "15m",
      "scan-interval": "20s",
      "skip-nodes-with-system-pods": "false"
    },
    "windowsProfile": {
      "adminUsername": "azureuser",
      "adminPassword": "replacePassword1234$"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid",
      "secret": "secret"
    },
    "addonProfiles": {},
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true
  },
  "identity": {
    "type": "UserAssigned",
    "userAssignedIdentities": {
      "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
    }
  }
}

Sample response

Status code:

200

JSON

{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Succeeded",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Succeeded",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System",
        "nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
    "networkProfile": {
      "loadBalancerSku": "basic",
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "autoScalerProfile": {
      "balance-similar-node-groups": "true",
      "expander": "most-pods",
      "new-pod-scale-up-delay": "1m",
      "scale-down-delay-after-add": "15m",
      "scan-interval": "20s",
      "skip-nodes-with-system-pods": "false"
    }
  },
  "identity": {
    "type": "UserAssigned",
    "userAssignedIdentities": {
      "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
        "principalId": "principalId1",
        "clientId": "clientId1"
      }
    }
  }
}

Status code:

201

JSON

{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Creating",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Creating",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "networkProfile": {
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    }
  },
  "identity": {
    "type": "UserAssigned",
    "userAssignedIdentities": {
      "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
        "principalId": "principalId1",
        "clientId": "clientId1"
      }
    }
  }
}

Create/Update Managed Cluster with EnableAHUB

Sample request

HTTP

HTTP

PUT https://management.azure.com/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2020-09-01

{
  "location": "location1",
  "tags": {
    "tier": "production",
    "archv2": ""
  },
  "sku": {
    "name": "Basic",
    "tier": "Free"
  },
  "properties": {
    "kubernetesVersion": "",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "osType": "Linux",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "networkProfile": {
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "managedOutboundIPs": {
          "count": 2
        }
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    },
    "windowsProfile": {
      "adminUsername": "azureuser",
      "adminPassword": "replacePassword1234$",
      "licenseType": "Windows_Server"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid",
      "secret": "secret"
    },
    "addonProfiles": {},
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true
  },
  "identity": {
    "type": "UserAssigned",
    "userAssignedIdentities": {
      "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
    }
  }
}

Sample response

Status code:

200

JSON

{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Succeeded",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Succeeded",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System",
        "nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser",
      "licenseType": "Windows_Server"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
    "networkProfile": {
      "loadBalancerSku": "basic",
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    }
  },
  "identity": {
    "type": "UserAssigned",
    "userAssignedIdentities": {
      "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
        "principalId": "principalId1",
        "clientId": "clientId1"
      }
    }
  }
}

Status code:

201

JSON

{
  "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
  "location": "location1",
  "name": "clustername1",
  "tags": {
    "archv2": "",
    "tier": "production"
  },
  "type": "Microsoft.ContainerService/ManagedClusters",
  "properties": {
    "provisioningState": "Creating",
    "maxAgentPools": 1,
    "kubernetesVersion": "1.9.6",
    "dnsPrefix": "dnsprefix1",
    "agentPoolProfiles": [
      {
        "name": "nodepool1",
        "count": 3,
        "vmSize": "Standard_DS1_v2",
        "maxPods": 110,
        "osType": "Linux",
        "provisioningState": "Creating",
        "orchestratorVersion": "1.9.6",
        "type": "VirtualMachineScaleSets",
        "availabilityZones": [
          "1",
          "2",
          "3"
        ],
        "enableNodePublicIP": true,
        "mode": "System"
      }
    ],
    "linuxProfile": {
      "adminUsername": "azureuser",
      "ssh": {
        "publicKeys": [
          {
            "keyData": "keydata"
          }
        ]
      }
    },
    "windowsProfile": {
      "adminUsername": "azureuser",
      "licenseType": "Windows_Server"
    },
    "servicePrincipalProfile": {
      "clientId": "clientid"
    },
    "nodeResourceGroup": "MC_rg1_clustername1_location1",
    "enableRBAC": true,
    "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
    "enablePodSecurityPolicy": true,
    "networkProfile": {
      "networkPlugin": "kubenet",
      "podCidr": "10.244.0.0/16",
      "serviceCidr": "10.0.0.0/16",
      "dnsServiceIP": "10.0.0.10",
      "dockerBridgeCidr": "172.17.0.1/16",
      "loadBalancerSku": "standard",
      "outboundType": "loadBalancer",
      "loadBalancerProfile": {
        "allocatedOutboundPorts": 2000,
        "idleTimeoutInMinutes": 10,
        "managedOutboundIPs": {
          "count": 2
        },
        "effectiveOutboundIPs": [
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
          },
          {
            "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
          }
        ]
      }
    },
    "autoScalerProfile": {
      "scan-interval": "20s",
      "scale-down-delay-after-add": "15m"
    }
  },
  "identity": {
    "type": "UserAssigned",
    "userAssignedIdentities": {
      "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
        "principalId": "principalId1",
        "clientId": "clientId1"
      }
    }
  }
}

Definitions

Name	Description
AgentPoolMode	AgentPoolMode represents mode of an agent pool.
AgentPoolType	AgentPoolType represents types of an agent pool.
AgentPoolUpgradeSettings	Settings for upgrading an agentpool
AutoScalerProfile	Parameters to be applied to the cluster-autoscaler when enabled
CloudError	An error response from the Container service.
CloudErrorBody	An error response from the Container service.
code	Tells whether the cluster is Running or Stopped
ContainerServiceLinuxProfile	Profile for Linux VMs in the container service cluster.
ContainerServiceNetworkProfile	Profile of network configuration.
ContainerServiceSshConfiguration	SSH configuration for Linux-based VMs running on Azure.
ContainerServiceSshPublicKey	Contains information about SSH certificate public key data.
ContainerServiceVMSizeTypes	Size of agent VMs.
expander
Identity	Information of user assigned identity used by this add-on.
licenseType	The licenseType to use for Windows VMs. Windows_Server is used to enable Azure Hybrid User Benefits for Windows VMs.
loadBalancerSku	The load balancer sku for the managed cluster.
ManagedCluster	Managed cluster.
ManagedClusterAADProfile	AADProfile specifies attributes for Azure Active Directory integration.
ManagedClusterAddonProfile	A Kubernetes add-on profile for a managed cluster.
ManagedClusterAgentPoolProfile	Profile for the container service agent pool.
ManagedClusterAPIServerAccessProfile	Access profile for managed cluster API server.
ManagedClusterIdentity	Identity for the managed cluster.
ManagedClusterLoadBalancerProfile	Profile of the managed cluster load balancer.
ManagedClusterServicePrincipalProfile	Information about a service principal identity for the cluster to use for manipulating Azure APIs.
ManagedClusterSKU
ManagedClusterSKUName	Name of a managed cluster SKU.
ManagedClusterSKUTier	Tier of a managed cluster SKU.
ManagedClusterWindowsProfile	Profile for Windows VMs in the container service cluster.
ManagedOutboundIPs	Desired managed outbound IPs for the cluster load balancer.
networkMode	Network mode used for building Kubernetes network.
NetworkPlugin	Network plugin used for building Kubernetes network.
NetworkPolicy	Network policy used for building Kubernetes network.
OSDiskType	OSDiskType represents the type of an OS disk on an agent pool.
OSType	OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.
OutboundIPPrefixes	Desired outbound IP Prefix resources for the cluster load balancer.
OutboundIPs	Desired outbound IP resources for the cluster load balancer.
outboundType	The outbound (egress) routing method.
PowerState	Describes the Power State of the cluster
ResourceIdentityType	The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.
ResourceReference	A reference to an Azure resource.
ScaleSetEvictionPolicy	ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.
ScaleSetPriority	ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.
UserAssignedIdentities	The user identity associated with the managed cluster. This identity will be used in control plane and only one user assigned identity is allowed. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

AgentPoolMode

Enumeration

AgentPoolMode represents mode of an agent pool.

Value	Description
System
User

AgentPoolType

Enumeration

AgentPoolType represents types of an agent pool.

Value	Description
AvailabilitySet
VirtualMachineScaleSets

AgentPoolUpgradeSettings

Object

Settings for upgrading an agentpool

Name	Type	Description
maxSurge	string	Count or percentage of additional nodes to be added during upgrade. If empty uses AKS default

AutoScalerProfile

Object

Parameters to be applied to the cluster-autoscaler when enabled

Name	Type	Description
balance-similar-node-groups	string
expander	expander
max-empty-bulk-delete	string
max-graceful-termination-sec	string
max-total-unready-percentage	string
new-pod-scale-up-delay	string
ok-total-unready-count	string
scale-down-delay-after-add	string
scale-down-delay-after-delete	string
scale-down-delay-after-failure	string
scale-down-unneeded-time	string
scale-down-unready-time	string
scale-down-utilization-threshold	string
scan-interval	string
skip-nodes-with-local-storage	string
skip-nodes-with-system-pods	string

CloudError

Object

An error response from the Container service.

Name	Type	Description
error	CloudErrorBody	Details about the error.

CloudErrorBody

Object

An error response from the Container service.

Name	Type	Description
code	string	An identifier for the error. Codes are invariant and are intended to be consumed programmatically.
details	CloudErrorBody[]	A list of additional details about the error.
message	string	A message describing the error, intended to be suitable for display in a user interface.
target	string	The target of the particular error. For example, the name of the property in error.

code

Enumeration

Tells whether the cluster is Running or Stopped

Value	Description
Running
Stopped

ContainerServiceLinuxProfile

Object

Profile for Linux VMs in the container service cluster.

Name	Type	Description
adminUsername	string	The administrator username to use for Linux VMs.
ssh	ContainerServiceSshConfiguration	SSH configuration for Linux-based VMs running on Azure.

ContainerServiceNetworkProfile

Object

Profile of network configuration.

Name	Type	Default value	Description
dnsServiceIP	string	10.0.0.10	An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.
dockerBridgeCidr	string	172.17.0.1/16	A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.
loadBalancerProfile	ManagedClusterLoadBalancerProfile		Profile of the cluster load balancer.
loadBalancerSku	loadBalancerSku		The load balancer sku for the managed cluster.
networkMode	networkMode		Network mode used for building Kubernetes network.
networkPlugin	NetworkPlugin	kubenet	Network plugin used for building Kubernetes network.
networkPolicy	NetworkPolicy		Network policy used for building Kubernetes network.
outboundType	outboundType	loadBalancer	The outbound (egress) routing method.
podCidr	string	10.244.0.0/16	A CIDR notation IP range from which to assign pod IPs when kubenet is used.
serviceCidr	string	10.0.0.0/16	A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.

ContainerServiceSshConfiguration

Object

SSH configuration for Linux-based VMs running on Azure.

Name	Type	Description
publicKeys	ContainerServiceSshPublicKey[]	The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.

ContainerServiceSshPublicKey

Object

Contains information about SSH certificate public key data.

Name	Type	Description
keyData	string	Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.

ContainerServiceVMSizeTypes

Enumeration

Size of agent VMs.

Value	Description
Standard_A1
Standard_A10
Standard_A11
Standard_A1_v2
Standard_A2
Standard_A2_v2
Standard_A2m_v2
Standard_A3
Standard_A4
Standard_A4_v2
Standard_A4m_v2
Standard_A5
Standard_A6
Standard_A7
Standard_A8
Standard_A8_v2
Standard_A8m_v2
Standard_A9
Standard_B2ms
Standard_B2s
Standard_B4ms
Standard_B8ms
Standard_D1
Standard_D11
Standard_D11_v2
Standard_D11_v2_Promo
Standard_D12
Standard_D12_v2
Standard_D12_v2_Promo
Standard_D13
Standard_D13_v2
Standard_D13_v2_Promo
Standard_D14
Standard_D14_v2
Standard_D14_v2_Promo
Standard_D15_v2
Standard_D16_v3
Standard_D16s_v3
Standard_D1_v2
Standard_D2
Standard_D2_v2
Standard_D2_v2_Promo
Standard_D2_v3
Standard_D2s_v3
Standard_D3
Standard_D32_v3
Standard_D32s_v3
Standard_D3_v2
Standard_D3_v2_Promo
Standard_D4
Standard_D4_v2
Standard_D4_v2_Promo
Standard_D4_v3
Standard_D4s_v3
Standard_D5_v2
Standard_D5_v2_Promo
Standard_D64_v3
Standard_D64s_v3
Standard_D8_v3
Standard_D8s_v3
Standard_DS1
Standard_DS11
Standard_DS11_v2
Standard_DS11_v2_Promo
Standard_DS12
Standard_DS12_v2
Standard_DS12_v2_Promo
Standard_DS13
Standard_DS13-2_v2
Standard_DS13-4_v2
Standard_DS13_v2
Standard_DS13_v2_Promo
Standard_DS14
Standard_DS14-4_v2
Standard_DS14-8_v2
Standard_DS14_v2
Standard_DS14_v2_Promo
Standard_DS15_v2
Standard_DS1_v2
Standard_DS2
Standard_DS2_v2
Standard_DS2_v2_Promo
Standard_DS3
Standard_DS3_v2
Standard_DS3_v2_Promo
Standard_DS4
Standard_DS4_v2
Standard_DS4_v2_Promo
Standard_DS5_v2
Standard_DS5_v2_Promo
Standard_E16_v3
Standard_E16s_v3
Standard_E2_v3
Standard_E2s_v3
Standard_E32-16s_v3
Standard_E32-8s_v3
Standard_E32_v3
Standard_E32s_v3
Standard_E4_v3
Standard_E4s_v3
Standard_E64-16s_v3
Standard_E64-32s_v3
Standard_E64_v3
Standard_E64s_v3
Standard_E8_v3
Standard_E8s_v3
Standard_F1
Standard_F16
Standard_F16s
Standard_F16s_v2
Standard_F1s
Standard_F2
Standard_F2s
Standard_F2s_v2
Standard_F32s_v2
Standard_F4
Standard_F4s
Standard_F4s_v2
Standard_F64s_v2
Standard_F72s_v2
Standard_F8
Standard_F8s
Standard_F8s_v2
Standard_G1
Standard_G2
Standard_G3
Standard_G4
Standard_G5
Standard_GS1
Standard_GS2
Standard_GS3
Standard_GS4
Standard_GS4-4
Standard_GS4-8
Standard_GS5
Standard_GS5-16
Standard_GS5-8
Standard_H16
Standard_H16m
Standard_H16mr
Standard_H16r
Standard_H8
Standard_H8m
Standard_L16s
Standard_L32s
Standard_L4s
Standard_L8s
Standard_M128-32ms
Standard_M128-64ms
Standard_M128ms
Standard_M128s
Standard_M64-16ms
Standard_M64-32ms
Standard_M64ms
Standard_M64s
Standard_NC12
Standard_NC12s_v2
Standard_NC12s_v3
Standard_NC24
Standard_NC24r
Standard_NC24rs_v2
Standard_NC24rs_v3
Standard_NC24s_v2
Standard_NC24s_v3
Standard_NC6
Standard_NC6s_v2
Standard_NC6s_v3
Standard_ND12s
Standard_ND24rs
Standard_ND24s
Standard_ND6s
Standard_NV12
Standard_NV24
Standard_NV6

expander

Enumeration

Value	Description
least-waste
most-pods
random

Identity

Object

Information of user assigned identity used by this add-on.

Name	Type	Description
clientId	string	The client id of the user assigned identity.
objectId	string	The object id of the user assigned identity.
resourceId	string	The resource id of the user assigned identity.

licenseType

Enumeration

The licenseType to use for Windows VMs. Windows_Server is used to enable Azure Hybrid User Benefits for Windows VMs.

Value	Description
None
Windows_Server

loadBalancerSku

Enumeration

The load balancer sku for the managed cluster.

Value	Description
basic
standard

ManagedCluster

Object

Managed cluster.

Name	Type	Description
id	string	Resource Id
identity	ManagedClusterIdentity	The identity of the managed cluster, if configured.
location	string	Resource location
name	string	Resource name
properties.aadProfile	ManagedClusterAADProfile	Profile of Azure Active Directory configuration.
properties.addonProfiles	<string,  ManagedClusterAddonProfile>	Profile of managed cluster add-on.
properties.agentPoolProfiles	ManagedClusterAgentPoolProfile[]	Properties of the agent pool.
properties.apiServerAccessProfile	ManagedClusterAPIServerAccessProfile	Access profile for managed cluster API server.
properties.autoScalerProfile	AutoScalerProfile	Parameters to be applied to the cluster-autoscaler when enabled
properties.diskEncryptionSetID	string	ResourceId of the disk encryption set to use for enabling encryption at rest.
properties.dnsPrefix	string	DNS prefix specified when creating the managed cluster.
properties.enablePodSecurityPolicy	boolean	(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.
properties.enableRBAC	boolean	Whether to enable Kubernetes Role-Based Access Control.
properties.fqdn	string	FQDN for the master pool.
properties.identityProfile		Identities associated with the cluster.
properties.kubernetesVersion	string	Version of Kubernetes specified when creating the managed cluster.
properties.linuxProfile	ContainerServiceLinuxProfile	Profile for Linux VMs in the container service cluster.
properties.maxAgentPools	integer	The max number of agent pools for the managed cluster.
properties.networkProfile	ContainerServiceNetworkProfile	Profile of network configuration.
properties.nodeResourceGroup	string	Name of the resource group containing agent pool nodes.
properties.powerState	PowerState	Represents the Power State of the cluster
properties.privateFQDN	string	FQDN of private cluster.
properties.provisioningState	string	The current deployment or provisioning state, which only appears in the response.
properties.servicePrincipalProfile	ManagedClusterServicePrincipalProfile	Information about a service principal identity for the cluster to use for manipulating Azure APIs.
properties.windowsProfile	ManagedClusterWindowsProfile	Profile for Windows VMs in the container service cluster.
sku	ManagedClusterSKU	The managed cluster SKU.
tags	object	Resource tags
type	string	Resource type

ManagedClusterAADProfile

Object

AADProfile specifies attributes for Azure Active Directory integration.

Name	Type	Description
adminGroupObjectIDs	string[]	AAD group object IDs that will have admin role of the cluster.
clientAppID	string	The client AAD application ID.
enableAzureRBAC	boolean	Whether to enable Azure RBAC for Kubernetes authorization.
managed	boolean	Whether to enable managed AAD.
serverAppID	string	The server AAD application ID.
serverAppSecret	string	The server AAD application secret.
tenantID	string	The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.

ManagedClusterAddonProfile

Object

A Kubernetes add-on profile for a managed cluster.

Name	Type	Description
config	object	Key-value pairs for configuring an add-on.
enabled	boolean	Whether the add-on is enabled or not.
identity	Identity	Information of user assigned identity used by this add-on.

ManagedClusterAgentPoolProfile

Object

Profile for the container service agent pool.

Name	Type	Default value	Description
availabilityZones	string[]		Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.
count	integer		Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.
enableAutoScaling	boolean		Whether to enable auto-scaler
enableNodePublicIP	boolean		Enable public IP for nodes
maxCount	integer		Maximum number of nodes for auto-scaling
maxPods	integer		Maximum number of pods that can run on a node.
minCount	integer		Minimum number of nodes for auto-scaling
mode	AgentPoolMode		AgentPoolMode represents mode of an agent pool
name	string		Unique name of the agent pool profile in the context of the subscription and resource group.
nodeImageVersion	string		Version of node image
nodeLabels	object		Agent pool node labels to be persisted across all nodes in agent pool.
nodeTaints	string[]		Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.
orchestratorVersion	string		Version of orchestrator specified when creating the managed cluster.
osDiskSizeGB	integer		OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.
osDiskType	OSDiskType		OS disk type to be used for machines in a given agent pool. Allowed values are 'Ephemeral' and 'Managed'. Defaults to 'Managed'. May not be changed after creation.
osType	OSType	Linux	OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.
powerState	PowerState		Describes whether the Agent Pool is Running or Stopped
provisioningState	string		The current deployment or provisioning state, which only appears in the response.
proximityPlacementGroupID	string		The ID for Proximity Placement Group.
scaleSetEvictionPolicy	ScaleSetEvictionPolicy	Delete	ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.
scaleSetPriority	ScaleSetPriority	Regular	ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.
spotMaxPrice	number	-1	SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.
tags	object		Agent pool tags to be persisted on the agent pool virtual machine scale set.
type	AgentPoolType		AgentPoolType represents types of an agent pool
upgradeSettings	AgentPoolUpgradeSettings		Settings for upgrading the agentpool
vmSize	ContainerServiceVMSizeTypes		Size of agent VMs.
vnetSubnetID	string		VNet SubnetID specifies the VNet's subnet identifier.

ManagedClusterAPIServerAccessProfile

Object

Access profile for managed cluster API server.

Name	Type	Description
authorizedIPRanges	string[]	Authorized IP Ranges to kubernetes API server.
enablePrivateCluster	boolean	Whether to create the cluster as a private cluster or not.

ManagedClusterIdentity

Object

Identity for the managed cluster.

Name	Type	Description
principalId	string	The principal id of the system assigned identity which is used by master components.
tenantId	string	The tenant id of the system assigned identity which is used by master components.
type	ResourceIdentityType	The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.
userAssignedIdentities	UserAssignedIdentities	The user identity associated with the managed cluster. This identity will be used in control plane and only one user assigned identity is allowed. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

ManagedClusterLoadBalancerProfile

Object

Profile of the managed cluster load balancer.

Name	Type	Default value	Description
allocatedOutboundPorts	integer	0	Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.
effectiveOutboundIPs	ResourceReference[]		The effective outbound IP resources of the cluster load balancer.
idleTimeoutInMinutes	integer	30	Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.
managedOutboundIPs	ManagedOutboundIPs		Desired managed outbound IPs for the cluster load balancer.
outboundIPPrefixes	OutboundIPPrefixes		Desired outbound IP Prefix resources for the cluster load balancer.
outboundIPs	OutboundIPs		Desired outbound IP resources for the cluster load balancer.

ManagedClusterServicePrincipalProfile

Object

Information about a service principal identity for the cluster to use for manipulating Azure APIs.

Name	Type	Description
clientId	string	The ID for the service principal.
secret	string	The secret password associated with the service principal in plain text.

ManagedClusterSKU

Object

Name	Type	Description
name	ManagedClusterSKUName	Name of a managed cluster SKU.
tier	ManagedClusterSKUTier	Tier of a managed cluster SKU.

ManagedClusterSKUName

Enumeration

Name of a managed cluster SKU.

Value	Description
Basic

ManagedClusterSKUTier

Enumeration

Tier of a managed cluster SKU.

Value	Description
Free
Paid

ManagedClusterWindowsProfile

Object

Profile for Windows VMs in the container service cluster.

Name	Type	Description
adminPassword	string	Specifies the password of the administrator account. Minimum-length: 8 characters Max-length: 123 characters Complexity requirements: 3 out of 4 conditions below need to be fulfilled Has lower characters Has upper characters Has a digit Has a special character (Regex match [\W_]) Disallowed values: "abc@123", "P@$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"
adminUsername	string	Specifies the name of the administrator account. restriction: Cannot end in "." Disallowed values: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". Minimum-length: 1 character Max-length: 20 characters
licenseType	licenseType	The licenseType to use for Windows VMs. Windows_Server is used to enable Azure Hybrid User Benefits for Windows VMs.

ManagedOutboundIPs

Object

Desired managed outbound IPs for the cluster load balancer.

Name	Type	Default value	Description
count	integer	1	Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.

networkMode

Enumeration

Network mode used for building Kubernetes network.

Value	Description
bridge
transparent

NetworkPlugin

Enumeration

Network plugin used for building Kubernetes network.

Value	Description
azure
kubenet

NetworkPolicy

Enumeration

Network policy used for building Kubernetes network.

Value	Description
azure
calico

OSDiskType

Enumeration

OSDiskType represents the type of an OS disk on an agent pool.

Value	Description
Ephemeral
Managed

OSType

Enumeration

OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.

Value	Description
Linux
Windows

OutboundIPPrefixes

Object

Desired outbound IP Prefix resources for the cluster load balancer.

Name	Type	Description
publicIPPrefixes	ResourceReference[]	A list of public IP prefix resources.

OutboundIPs

Object

Desired outbound IP resources for the cluster load balancer.

Name	Type	Description
publicIPs	ResourceReference[]	A list of public IP resources.

outboundType

Enumeration

The outbound (egress) routing method.

Value	Description
loadBalancer
userDefinedRouting

PowerState

Object

Describes the Power State of the cluster

Name	Type	Description
code	code	Tells whether the cluster is Running or Stopped

ResourceIdentityType

Enumeration

The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.

Value	Description
None
SystemAssigned
UserAssigned

ResourceReference

Object

A reference to an Azure resource.

Name	Type	Description
id	string	The fully qualified Azure resource id.

ScaleSetEvictionPolicy

Enumeration

ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.

Value	Description
Deallocate
Delete

ScaleSetPriority

Enumeration

ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.

Value	Description
Regular
Spot

UserAssignedIdentities

Object

The user identity associated with the managed cluster. This identity will be used in control plane and only one user assigned identity is allowed. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

Name	Type	Description