你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn

Container Groups - Get

Get the properties of the specified container group.
Gets the properties of the specified container group in the specified subscription and resource group. The operation returns the properties of each container group including containers, image registry credentials, restart policy, IP address type, OS type, state, and volumes.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerInstance/containerGroups/{containerGroupName}?api-version=2023-05-01

URI Parameters

Name In Required Type Description
containerGroupName
path True

string

The name of the container group.

resourceGroupName
path True

string

The name of the resource group.

subscriptionId
path True

string

Subscription credentials which uniquely identify Microsoft Azure subscription. The subscription ID forms part of the URI for every service call.

api-version
query True

string

Client API version

Responses

Name Type Description
200 OK

ContainerGroup

OK

Other Status Codes

CloudError

Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation Impersonate your user account

Examples

ContainerGroupsGet_Failed
ContainerGroupsGet_Succeeded
ContainerGroupsGetWithPriority

ContainerGroupsGet_Failed

Sample request

GET https://management.azure.com/subscriptions/subid/resourceGroups/demo/providers/Microsoft.ContainerInstance/containerGroups/demo1?api-version=2023-05-01

Sample response

{
  "id": "/subscriptions/subid/resourceGroups/demo/providers/Microsoft.ContainerInstance/containerGroups/demo1",
  "location": "WestUs",
  "name": "demo1",
  "properties": {
    "containers": [
      {
        "name": "demo1",
        "properties": {
          "command": [],
          "environmentVariables": [],
          "image": "nginx",
          "instanceView": {
            "restartCount": 0,
            "currentState": {
              "state": "Waiting",
              "startTime": "2017-08-08T00:09:10Z",
              "detailStatus": ""
            },
            "events": [
              {
                "count": 1,
                "firstTimestamp": "2017-08-08T00:09:01Z",
                "lastTimestamp": "2017-08-08T00:09:01Z",
                "message": "pulling image \"nginx\"",
                "name": "Pulling",
                "type": "Normal"
              },
              {
                "count": 1,
                "firstTimestamp": "2017-08-08T00:09:10Z",
                "lastTimestamp": "2017-08-08T00:09:10Z",
                "message": "Successfully pulled image \"nginx\"",
                "name": "Pulled",
                "type": "Normal"
              }
            ]
          },
          "ports": [
            {
              "port": 80
            }
          ],
          "resources": {
            "requests": {
              "cpu": 1,
              "memoryInGB": 1.5
            }
          },
          "volumeMounts": [
            {
              "mountPath": "/mnt/volume1",
              "name": "volume1",
              "readOnly": false
            }
          ]
        }
      }
    ],
    "imageRegistryCredentials": [
      {
        "server": "azcloudconsoleregistry.azurecr.io",
        "username": "azcloudconsoleregistry"
      }
    ],
    "instanceView": {
      "events": [
        {
          "count": 1,
          "firstTimestamp": "2017-10-08T00:19:10Z",
          "lastTimestamp": "2017-10-08T00:19:10Z",
          "message": "Output: mount error(2): Permission denied",
          "name": "FailedMount",
          "type": "Normal"
        }
      ],
      "state": "Pending"
    },
    "ipAddress": {
      "ip": "10.0.0.1",
      "ports": [
        {
          "port": 80,
          "protocol": "TCP"
        }
      ],
      "type": "Public"
    },
    "osType": "Linux",
    "provisioningState": "Failed",
    "volumes": [
      {
        "azureFile": {
          "readOnly": false,
          "shareName": "share1",
          "storageAccountName": "storage1"
        },
        "name": "volume1"
      }
    ]
  },
  "type": "Microsoft.ContainerInstance/containerGroups"
}

ContainerGroupsGet_Succeeded

Sample request

GET https://management.azure.com/subscriptions/subid/resourceGroups/demo/providers/Microsoft.ContainerInstance/containerGroups/demo1?api-version=2023-05-01

Sample response

{
  "id": "/subscriptions/subid/resourceGroups/demo/providers/Microsoft.ContainerInstance/containerGroups/demo1",
  "location": "WestUs",
  "zones": [
    "1"
  ],
  "name": "demo1",
  "properties": {
    "containers": [
      {
        "name": "demo1",
        "properties": {
          "command": [],
          "environmentVariables": [],
          "image": "nginx",
          "ports": [
            {
              "port": 80
            }
          ],
          "resources": {
            "requests": {
              "cpu": 1,
              "memoryInGB": 1.5
            }
          },
          "volumeMounts": [
            {
              "mountPath": "/mnt/volume1",
              "name": "volume1",
              "readOnly": false
            }
          ]
        }
      }
    ],
    "imageRegistryCredentials": [
      {
        "server": "azcloudconsoleregistry.azurecr.io",
        "username": "azcloudconsoleregistry"
      }
    ],
    "ipAddress": {
      "ip": "10.0.0.1",
      "ports": [
        {
          "port": 80,
          "protocol": "TCP"
        }
      ],
      "type": "Public"
    },
    "osType": "Linux",
    "provisioningState": "Succeeded",
    "volumes": [
      {
        "azureFile": {
          "readOnly": false,
          "shareName": "share1",
          "storageAccountName": "storage1"
        },
        "name": "volume1"
      }
    ]
  },
  "type": "Microsoft.ContainerInstance/containerGroups"
}

ContainerGroupsGetWithPriority

Sample request

GET https://management.azure.com/subscriptions/subid/resourceGroups/demo/providers/Microsoft.ContainerInstance/containerGroups/demo1?api-version=2023-05-01

Sample response

{
  "properties": {
    "sku": "Standard",
    "provisioningState": "Succeeded",
    "containers": [
      {
        "name": "test-container-001",
        "properties": {
          "image": "alpine:latest",
          "command": [
            "/bin/sh",
            "-c",
            "sleep 10"
          ],
          "ports": [],
          "environmentVariables": [],
          "instanceView": {
            "restartCount": 0,
            "currentState": {
              "state": "Terminated",
              "startTime": "2022-11-11T19:33:44.217Z",
              "exitCode": 0,
              "finishTime": "2022-11-11T19:33:55.565Z",
              "detailStatus": "Completed"
            },
            "events": [
              {
                "count": 2,
                "firstTimestamp": "2022-11-11T19:28:22Z",
                "lastTimestamp": "2022-11-11T19:32:09Z",
                "name": "Pulling",
                "message": "pulling image \"alpine@sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870\"",
                "type": "Normal"
              },
              {
                "count": 2,
                "firstTimestamp": "2022-11-11T19:32:08Z",
                "lastTimestamp": "2022-11-11T19:32:38Z",
                "name": "Pulled",
                "message": "Successfully pulled image \"alpine@sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870\"",
                "type": "Normal"
              },
              {
                "count": 1,
                "firstTimestamp": "2022-11-11T19:33:44Z",
                "lastTimestamp": "2022-11-11T19:33:44Z",
                "name": "Started",
                "message": "Started container",
                "type": "Normal"
              }
            ]
          },
          "resources": {
            "requests": {
              "memoryInGB": 1,
              "cpu": 1
            }
          }
        }
      }
    ],
    "initContainers": [],
    "restartPolicy": "Never",
    "osType": "Linux",
    "instanceView": {
      "events": [],
      "state": "Succeeded"
    },
    "priority": "Spot"
  },
  "id": "/subscriptions/subId/resourceGroups/demo/providers/Microsoft.ContainerInstance/containerGroups/demo1",
  "name": "demo1",
  "type": "Microsoft.ContainerInstance/containerGroups",
  "location": "eastus"
}

Definitions

Name Description
AzureFileVolume

The properties of the Azure File volume. Azure File shares are mounted as volumes.

CloudError

An error response from the Container Instance service.

CloudErrorBody

An error response from the Container Instance service.

ConfidentialComputeProperties

The properties for confidential container group

Container

A container instance.

ContainerExec

The container execution command, for liveness or readiness probe

ContainerGroup

A container group.

ContainerGroupDiagnostics

Container group diagnostic information.

ContainerGroupIdentity

Identity for the container group.

ContainerGroupIpAddressType

Specifies if the IP is exposed to the public internet or private VNET.

ContainerGroupNetworkProtocol

The protocol associated with the port.

ContainerGroupPriority

The priority of the container group.

ContainerGroupProperties.properties.InstanceView

The instance view of the container group. Only valid in response.

ContainerGroupRestartPolicy

Restart policy for all containers within the container group.

  • Always Always restart
  • OnFailure Restart on failure
  • Never Never restart
ContainerGroupSku

The container group SKU.

ContainerGroupSubnetId

Container group subnet information.

ContainerHttpGet

The container Http Get settings, for liveness or readiness probe

ContainerNetworkProtocol

The protocol associated with the port.

ContainerPort

The port exposed on the container instance.

ContainerProbe

The container probe, for liveness or readiness

ContainerState

The container instance state.

DeploymentExtensionSpec

Extension sidecars to be added to the deployment.

DnsConfiguration

DNS configuration for the container group.

dnsNameLabelReusePolicy

The value representing the security enum. The 'Unsecure' value is the default value if not selected and means the object's domain name label is not secured against subdomain takeover. The 'TenantReuse' value is the default value if selected and means the object's domain name label can be reused within the same tenant. The 'SubscriptionReuse' value means the object's domain name label can be reused within the same subscription. The 'ResourceGroupReuse' value means the object's domain name label can be reused within the same resource group. The 'NoReuse' value means the object's domain name label cannot be reused within the same resource group, subscription, or tenant.

EmptyDirVolume

The empty directory volume.

EncryptionProperties

The container group encryption properties.

EnvironmentVariable

The environment variable to set within the container instance.

Event

A container group or container instance event.

GitRepoVolume

Represents a volume that is populated with the contents of a git repository

GpuResource

The GPU resource.

GpuSku

The SKU of the GPU resource.

HttpHeader

The HTTP header.

ImageRegistryCredential

Image registry credential.

InitContainerDefinition

The init container definition.

InitContainerPropertiesDefinition.InstanceView

The instance view of the init container. Only valid in response.

InstanceView

The instance view of the container instance. Only valid in response.

IpAddress

IP address for the container group.

LogAnalytics

Container group log analytics information.

LogAnalyticsLogType

The log type to be used.

OperatingSystemTypes

The operating system type required by the containers in the container group.

Port

The port exposed on the container group.

ResourceIdentityType

The type of identity used for the container group. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the container group.

ResourceLimits

The resource limits.

ResourceRequests

The resource requests.

ResourceRequirements

The resource requirements.

Scheme

The scheme.

SecurityContextCapabilitiesDefinition

The capabilities to add or drop from a container.

SecurityContextDefinition

The security context for the container.

UserAssignedIdentities

The list of user identities associated with the container group. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

Volume

The properties of the volume.

VolumeMount

The properties of the volume mount.

AzureFileVolume

The properties of the Azure File volume. Azure File shares are mounted as volumes.

Name Type Description
readOnly

boolean

The flag indicating whether the Azure File shared mounted as a volume is read-only.

shareName

string

The name of the Azure File share to be mounted as a volume.

storageAccountKey

string

The storage account access key used to access the Azure File share.

storageAccountName

string

The name of the storage account that contains the Azure File share.

CloudError

An error response from the Container Instance service.

Name Type Description
error

CloudErrorBody

An error response from the Container Instance service.

CloudErrorBody

An error response from the Container Instance service.

Name Type Description
code

string

An identifier for the error. Codes are invariant and are intended to be consumed programmatically.

details

CloudErrorBody[]

A list of additional details about the error.

message

string

A message describing the error, intended to be suitable for display in a user interface.

target

string

The target of the particular error. For example, the name of the property in error.

ConfidentialComputeProperties

The properties for confidential container group

Name Type Description
ccePolicy

string

The base64 encoded confidential compute enforcement policy

Container

A container instance.

Name Type Description
name

string

The user-provided name of the container instance.

properties.command

string[]

The commands to execute within the container instance in exec form.

properties.environmentVariables

EnvironmentVariable[]

The environment variables to set in the container instance.

properties.image

string

The name of the image used to create the container instance.

properties.instanceView

InstanceView

The instance view of the container instance. Only valid in response.

properties.livenessProbe

ContainerProbe

The liveness probe.

properties.ports

ContainerPort[]

The exposed ports on the container instance.

properties.readinessProbe

ContainerProbe

The readiness probe.

properties.resources

ResourceRequirements

The resource requirements of the container instance.

properties.securityContext

SecurityContextDefinition

The container security properties.

properties.volumeMounts

VolumeMount[]

The volume mounts available to the container instance.

ContainerExec

The container execution command, for liveness or readiness probe

Name Type Description
command

string[]

The commands to execute within the container.

ContainerGroup

A container group.

Name Type Description
id

string

The resource id.

identity

ContainerGroupIdentity

The identity of the container group, if configured.

location

string

The resource location.

name

string

The resource name.

properties.confidentialComputeProperties

ConfidentialComputeProperties

The properties for confidential container group

properties.containers

Container[]

The containers within the container group.

properties.diagnostics

ContainerGroupDiagnostics

The diagnostic information for a container group.

properties.dnsConfig

DnsConfiguration

The DNS config information for a container group.

properties.encryptionProperties

EncryptionProperties

The encryption properties for a container group.

properties.extensions

DeploymentExtensionSpec[]

extensions used by virtual kubelet

properties.imageRegistryCredentials

ImageRegistryCredential[]

The image registry credentials by which the container group is created from.

properties.initContainers

InitContainerDefinition[]

The init containers for a container group.

properties.instanceView

ContainerGroupProperties.properties.InstanceView

The instance view of the container group. Only valid in response.

properties.ipAddress

IpAddress

The IP address type of the container group.

properties.osType

OperatingSystemTypes

The operating system type required by the containers in the container group.

properties.priority

ContainerGroupPriority

The priority of the container group.

properties.provisioningState

string

The provisioning state of the container group. This only appears in the response.

properties.restartPolicy

ContainerGroupRestartPolicy

Restart policy for all containers within the container group.

  • Always Always restart
  • OnFailure Restart on failure
  • Never Never restart
properties.sku

ContainerGroupSku

The SKU for a container group.

properties.subnetIds

ContainerGroupSubnetId[]

The subnet resource IDs for a container group.

properties.volumes

Volume[]

The list of volumes that can be mounted by containers in this container group.

tags

object

The resource tags.

type

string

The resource type.

zones

string[]

The zones for the container group.

ContainerGroupDiagnostics

Container group diagnostic information.

Name Type Description
logAnalytics

LogAnalytics

Container group log analytics information.

ContainerGroupIdentity

Identity for the container group.

Name Type Description
principalId

string

The principal id of the container group identity. This property will only be provided for a system assigned identity.

tenantId

string

The tenant id associated with the container group. This property will only be provided for a system assigned identity.

type

ResourceIdentityType

The type of identity used for the container group. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the container group.

userAssignedIdentities

<string,  UserAssignedIdentities>

The list of user identities associated with the container group.

ContainerGroupIpAddressType

Specifies if the IP is exposed to the public internet or private VNET.

Name Type Description
Private

string

Public

string

ContainerGroupNetworkProtocol

The protocol associated with the port.

Name Type Description
TCP

string

UDP

string

ContainerGroupPriority

The priority of the container group.

Name Type Description
Regular

string

Spot

string

ContainerGroupProperties.properties.InstanceView

The instance view of the container group. Only valid in response.

Name Type Description
events

Event[]

The events of this container group.

state

string

The state of the container group. Only valid in response.

ContainerGroupRestartPolicy

Restart policy for all containers within the container group.

  • Always Always restart
  • OnFailure Restart on failure
  • Never Never restart
Name Type Description
Always

string

Never

string

OnFailure

string

ContainerGroupSku

The container group SKU.

Name Type Description
Confidential

string

Dedicated

string

Standard

string

ContainerGroupSubnetId

Container group subnet information.

Name Type Description
id

string

Resource ID of virtual network and subnet.

name

string

Friendly name for the subnet.

ContainerHttpGet

The container Http Get settings, for liveness or readiness probe

Name Type Description
httpHeaders

HttpHeader[]

The HTTP headers.

path

string

The path to probe.

port

integer

The port number to probe.

scheme

Scheme

The scheme.

ContainerNetworkProtocol

The protocol associated with the port.

Name Type Description
TCP

string

UDP

string

ContainerPort

The port exposed on the container instance.

Name Type Description
port

integer

The port number exposed within the container group.

protocol

ContainerNetworkProtocol

The protocol associated with the port.

ContainerProbe

The container probe, for liveness or readiness

Name Type Description
exec

ContainerExec

The execution command to probe

failureThreshold

integer

The failure threshold.

httpGet

ContainerHttpGet

The Http Get settings to probe

initialDelaySeconds

integer

The initial delay seconds.

periodSeconds

integer

The period seconds.

successThreshold

integer

The success threshold.

timeoutSeconds

integer

The timeout seconds.

ContainerState

The container instance state.

Name Type Description
detailStatus

string

The human-readable status of the container instance state.

exitCode

integer

The container instance exit codes correspond to those from the docker run command.

finishTime

string

The date-time when the container instance state finished.

startTime

string

The date-time when the container instance state started.

state

string

The state of the container instance.

DeploymentExtensionSpec

Extension sidecars to be added to the deployment.

Name Type Description
name

string

Name of the extension.

properties.extensionType

string

Type of extension to be added.

properties.protectedSettings

object

Protected settings for the extension.

properties.settings

object

Settings for the extension.

properties.version

string

Version of the extension being used.

DnsConfiguration

DNS configuration for the container group.

Name Type Description
nameServers

string[]

The DNS servers for the container group.

options

string

The DNS options for the container group.

searchDomains

string

The DNS search domains for hostname lookup in the container group.

dnsNameLabelReusePolicy

The value representing the security enum. The 'Unsecure' value is the default value if not selected and means the object's domain name label is not secured against subdomain takeover. The 'TenantReuse' value is the default value if selected and means the object's domain name label can be reused within the same tenant. The 'SubscriptionReuse' value means the object's domain name label can be reused within the same subscription. The 'ResourceGroupReuse' value means the object's domain name label can be reused within the same resource group. The 'NoReuse' value means the object's domain name label cannot be reused within the same resource group, subscription, or tenant.

Name Type Description
Noreuse

string

ResourceGroupReuse

string

SubscriptionReuse

string

TenantReuse

string

Unsecure

string

EmptyDirVolume

The empty directory volume.

EncryptionProperties

The container group encryption properties.

Name Type Description
identity

string

The keyvault managed identity.

keyName

string

The encryption key name.

keyVersion

string

The encryption key version.

vaultBaseUrl

string

The keyvault base url.

EnvironmentVariable

The environment variable to set within the container instance.

Name Type Description
name

string

The name of the environment variable.

secureValue

string

The value of the secure environment variable.

value

string

The value of the environment variable.

Event

A container group or container instance event.

Name Type Description
count

integer

The count of the event.

firstTimestamp

string

The date-time of the earliest logged event.

lastTimestamp

string

The date-time of the latest logged event.

message

string

The event message.

name

string

The event name.

type

string

The event type.

GitRepoVolume

Represents a volume that is populated with the contents of a git repository

Name Type Description
directory

string

Target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.

repository

string

Repository URL

revision

string

Commit hash for the specified revision.

GpuResource

The GPU resource.

Name Type Description
count

integer

The count of the GPU resource.

sku

GpuSku

The SKU of the GPU resource.

GpuSku

The SKU of the GPU resource.

Name Type Description
K80

string

P100

string

V100

string

HttpHeader

The HTTP header.

Name Type Description
name

string

The header name.

value

string

The header value.

ImageRegistryCredential

Image registry credential.

Name Type Description
identity

string

The identity for the private registry.

identityUrl

string

The identity URL for the private registry.

password

string

The password for the private registry.

server

string

The Docker image registry server without a protocol such as "http" and "https".

username

string

The username for the private registry.

InitContainerDefinition

The init container definition.

Name Type Description
name

string

The name for the init container.

properties.command

string[]

The command to execute within the init container in exec form.

properties.environmentVariables

EnvironmentVariable[]

The environment variables to set in the init container.

properties.image

string

The image of the init container.

properties.instanceView

InitContainerPropertiesDefinition.InstanceView

The instance view of the init container. Only valid in response.

properties.securityContext

SecurityContextDefinition

The container security properties.

properties.volumeMounts

VolumeMount[]

The volume mounts available to the init container.

InitContainerPropertiesDefinition.InstanceView

The instance view of the init container. Only valid in response.

Name Type Description
currentState

ContainerState

The current state of the init container.

events

Event[]

The events of the init container.

previousState

ContainerState

The previous state of the init container.

restartCount

integer

The number of times that the init container has been restarted.

InstanceView

The instance view of the container instance. Only valid in response.

Name Type Description
currentState

ContainerState

Current container instance state.

events

Event[]

The events of the container instance.

previousState

ContainerState

Previous container instance state.

restartCount

integer

The number of times that the container instance has been restarted.

IpAddress

IP address for the container group.

Name Type Default value Description
autoGeneratedDomainNameLabelScope

dnsNameLabelReusePolicy

Unsecure

The value representing the security enum. The 'Unsecure' value is the default value if not selected and means the object's domain name label is not secured against subdomain takeover. The 'TenantReuse' value is the default value if selected and means the object's domain name label can be reused within the same tenant. The 'SubscriptionReuse' value means the object's domain name label can be reused within the same subscription. The 'ResourceGroupReuse' value means the object's domain name label can be reused within the same resource group. The 'NoReuse' value means the object's domain name label cannot be reused within the same resource group, subscription, or tenant.

dnsNameLabel

string

The Dns name label for the IP.

fqdn

string

The FQDN for the IP.

ip

string

The IP exposed to the public internet.

ports

Port[]

The list of ports exposed on the container group.

type

ContainerGroupIpAddressType

Specifies if the IP is exposed to the public internet or private VNET.

LogAnalytics

Container group log analytics information.

Name Type Description
logType

LogAnalyticsLogType

The log type to be used.

metadata

object

Metadata for log analytics.

workspaceId

string

The workspace id for log analytics

workspaceKey

string

The workspace key for log analytics

workspaceResourceId

string

The workspace resource id for log analytics

LogAnalyticsLogType

The log type to be used.

Name Type Description
ContainerInsights

string

ContainerInstanceLogs

string

OperatingSystemTypes

The operating system type required by the containers in the container group.

Name Type Description
Linux

string

Windows

string

Port

The port exposed on the container group.

Name Type Description
port

integer

The port number.

protocol

ContainerGroupNetworkProtocol

The protocol associated with the port.

ResourceIdentityType

The type of identity used for the container group. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the container group.

Name Type Description
None

string

SystemAssigned

string

SystemAssigned, UserAssigned

string

UserAssigned

string

ResourceLimits

The resource limits.

Name Type Description
cpu

number

The CPU limit of this container instance.

gpu

GpuResource

The GPU limit of this container instance.

memoryInGB

number

The memory limit in GB of this container instance.

ResourceRequests

The resource requests.

Name Type Description
cpu

number

The CPU request of this container instance.

gpu

GpuResource

The GPU request of this container instance.

memoryInGB

number

The memory request in GB of this container instance.

ResourceRequirements

The resource requirements.

Name Type Description
limits

ResourceLimits

The resource limits of this container instance.

requests

ResourceRequests

The resource requests of this container instance.

Scheme

The scheme.

Name Type Description
http

string

https

string

SecurityContextCapabilitiesDefinition

The capabilities to add or drop from a container.

Name Type Description
add

string[]

The capabilities to add to the container.

drop

string[]

The capabilities to drop from the container.

SecurityContextDefinition

The security context for the container.

Name Type Description
allowPrivilegeEscalation

boolean

A boolean value indicating whether the init process can elevate its privileges

capabilities

SecurityContextCapabilitiesDefinition

The capabilities to add or drop from a container.

privileged

boolean

The flag to determine if the container permissions is elevated to Privileged.

runAsGroup

integer

Sets the User GID for the container.

runAsUser

integer

Sets the User UID for the container.

seccompProfile

string

a base64 encoded string containing the contents of the JSON in the seccomp profile

UserAssignedIdentities

The list of user identities associated with the container group. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

Name Type Description
clientId

string

The client id of user assigned identity.

principalId

string

The principal id of user assigned identity.

Volume

The properties of the volume.

Name Type Description
azureFile

AzureFileVolume

The Azure File volume.

emptyDir

EmptyDirVolume

The empty directory volume.

gitRepo

GitRepoVolume

The git repo volume.

name

string

The name of the volume.

secret

object

The secret volume.

VolumeMount

The properties of the volume mount.

Name Type Description
mountPath

string

The path within the container where the volume should be mounted. Must not contain colon (:).

name

string

The name of the volume mount.

readOnly

boolean

The flag indicating whether the volume mount is read-only.