UNPKG

@pulumi/azure-native

Version:

[![Slack](http://www.pulumi.com/images/docs/badges/slack.svg)](https://slack.pulumi.com) [![NPM version](https://badge.fury.io/js/%40pulumi%2Fazure-native.svg)](https://npmjs.com/package/@pulumi/azure-native) [![Python version](https://badge.fury.io/py/pu

pulumi.com

pulumi/pulumi-azure-native

427 lines (426 loc) • 22.8 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; import * as enums from "../types/enums"; /** * Managed cluster. * * Uses Azure REST API version 2024-10-01. In version 2.x of the Azure Native provider, it used API version 2023-04-01. * * Other available API versions: 2019-11-01, 2020-01-01, 2020-02-01, 2020-03-01, 2020-04-01, 2020-06-01, 2020-07-01, 2020-09-01, 2020-11-01, 2020-12-01, 2021-02-01, 2021-03-01, 2021-05-01, 2021-07-01, 2021-08-01, 2021-09-01, 2021-10-01, 2021-11-01-preview, 2022-01-01, 2022-01-02-preview, 2022-02-01, 2022-02-02-preview, 2022-03-01, 2022-03-02-preview, 2022-04-01, 2022-04-02-preview, 2022-05-02-preview, 2022-06-01, 2022-06-02-preview, 2022-07-01, 2022-07-02-preview, 2022-08-02-preview, 2022-08-03-preview, 2022-09-01, 2022-09-02-preview, 2022-10-02-preview, 2022-11-01, 2022-11-02-preview, 2023-01-01, 2023-01-02-preview, 2023-02-01, 2023-02-02-preview, 2023-03-01, 2023-03-02-preview, 2023-04-01, 2023-04-02-preview, 2023-05-01, 2023-05-02-preview, 2023-06-01, 2023-06-02-preview, 2023-07-01, 2023-07-02-preview, 2023-08-01, 2023-08-02-preview, 2023-09-01, 2023-09-02-preview, 2023-10-01, 2023-10-02-preview, 2023-11-01, 2023-11-02-preview, 2024-01-01, 2024-01-02-preview, 2024-02-01, 2024-02-02-preview, 2024-03-02-preview, 2024-04-02-preview, 2024-05-01, 2024-05-02-preview, 2024-06-02-preview, 2024-07-01, 2024-07-02-preview, 2024-08-01, 2024-09-01, 2024-09-02-preview, 2024-10-02-preview, 2025-01-01, 2025-01-02-preview, 2025-02-01, 2025-02-02-preview, 2025-03-01, 2025-03-02-preview, 2025-04-01, 2025-04-02-preview, 2025-05-01, 2025-05-02-preview. These can be accessed by generating a local SDK package using the CLI command `pulumi package add azure-native containerservice [ApiVersion]`. See the [version guide](../../../version-guide/#accessing-any-api-version-via-local-packages) for details. * * When creating a managed cluster you must define at least one agent pool inline via the `agentPoolProfiles` property. The Azure API does not currently allow this property to be updated directly. Instead, additional agent pools can be defined via the `AgentPool` resource. If needing to change the initial agent pool profile property, you can either trigger the whole cluster to be re-created by using the [replaceOnChanges resource option](https://www.pulumi.com/docs/concepts/options/replaceonchanges/), or make the change directly in Azure then use `pulumi refresh` to update the stack's stack to match. */ export declare class ManagedCluster extends pulumi.CustomResource { /** * Get an existing ManagedCluster resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): ManagedCluster; /** * Returns true if the given object is an instance of ManagedCluster. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is ManagedCluster; /** * The Azure Active Directory configuration. */ readonly aadProfile: pulumi.Output<outputs.containerservice.ManagedClusterAADProfileResponse | undefined>; /** * The profile of managed cluster add-on. */ readonly addonProfiles: pulumi.Output<{ [key: string]: outputs.containerservice.ManagedClusterAddonProfileResponse; } | undefined>; /** * The agent pool properties. */ readonly agentPoolProfiles: pulumi.Output<outputs.containerservice.ManagedClusterAgentPoolProfileResponse[] | undefined>; /** * The access profile for managed cluster API server. */ readonly apiServerAccessProfile: pulumi.Output<outputs.containerservice.ManagedClusterAPIServerAccessProfileResponse | undefined>; /** * Parameters to be applied to the cluster-autoscaler when enabled */ readonly autoScalerProfile: pulumi.Output<outputs.containerservice.ManagedClusterPropertiesResponseAutoScalerProfile | undefined>; /** * The auto upgrade configuration. */ readonly autoUpgradeProfile: pulumi.Output<outputs.containerservice.ManagedClusterAutoUpgradeProfileResponse | undefined>; /** * The Azure API version of the resource. */ readonly azureApiVersion: pulumi.Output<string>; /** * Azure Monitor addon profiles for monitoring the managed cluster. */ readonly azureMonitorProfile: pulumi.Output<outputs.containerservice.ManagedClusterAzureMonitorProfileResponse | undefined>; /** * The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly. */ readonly azurePortalFQDN: pulumi.Output<string>; /** * If kubernetesVersion was a fully specified version <major.minor.patch>, this field will be exactly equal to it. If kubernetesVersion was <major.minor>, this field will contain the full <major.minor.patch> version being used. */ readonly currentKubernetesVersion: pulumi.Output<string>; /** * If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). */ readonly disableLocalAccounts: pulumi.Output<boolean | undefined>; /** * This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' */ readonly diskEncryptionSetID: pulumi.Output<string | undefined>; /** * This cannot be updated once the Managed Cluster has been created. */ readonly dnsPrefix: pulumi.Output<string | undefined>; /** * Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is updated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic concurrency per the normal etag convention. */ readonly eTag: pulumi.Output<string>; /** * (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp. */ readonly enablePodSecurityPolicy: pulumi.Output<boolean | undefined>; /** * Whether to enable Kubernetes Role-Based Access Control. */ readonly enableRBAC: pulumi.Output<boolean | undefined>; /** * The extended location of the Virtual Machine. */ readonly extendedLocation: pulumi.Output<outputs.containerservice.ExtendedLocationResponse | undefined>; /** * The FQDN of the master pool. */ readonly fqdn: pulumi.Output<string>; /** * This cannot be updated once the Managed Cluster has been created. */ readonly fqdnSubdomain: pulumi.Output<string | undefined>; /** * Configurations for provisioning the cluster with HTTP proxy servers. */ readonly httpProxyConfig: pulumi.Output<outputs.containerservice.ManagedClusterHTTPProxyConfigResponse | undefined>; /** * The identity of the managed cluster, if configured. */ readonly identity: pulumi.Output<outputs.containerservice.ManagedClusterIdentityResponse | undefined>; /** * The user identity associated with the managed cluster. This identity will be used by the kubelet. Only one user assigned identity is allowed. The only accepted key is "kubeletidentity", with value of "resourceId": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}". */ readonly identityProfile: pulumi.Output<{ [key: string]: outputs.containerservice.UserAssignedIdentityResponse; } | undefined>; /** * Ingress profile for the managed cluster. */ readonly ingressProfile: pulumi.Output<outputs.containerservice.ManagedClusterIngressProfileResponse | undefined>; /** * Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. */ readonly kubernetesVersion: pulumi.Output<string | undefined>; /** * The profile for Linux VMs in the Managed Cluster. */ readonly linuxProfile: pulumi.Output<outputs.containerservice.ContainerServiceLinuxProfileResponse | undefined>; /** * The geo-location where the resource lives */ readonly location: pulumi.Output<string>; /** * The max number of agent pools for the managed cluster. */ readonly maxAgentPools: pulumi.Output<number>; /** * Optional cluster metrics configuration. */ readonly metricsProfile: pulumi.Output<outputs.containerservice.ManagedClusterMetricsProfileResponse | undefined>; /** * The name of the resource */ readonly name: pulumi.Output<string>; /** * The network configuration profile. */ readonly networkProfile: pulumi.Output<outputs.containerservice.ContainerServiceNetworkProfileResponse | undefined>; /** * The name of the resource group containing agent pool nodes. */ readonly nodeResourceGroup: pulumi.Output<string | undefined>; /** * Profile of the node resource group configuration. */ readonly nodeResourceGroupProfile: pulumi.Output<outputs.containerservice.ManagedClusterNodeResourceGroupProfileResponse | undefined>; /** * The OIDC issuer profile of the Managed Cluster. */ readonly oidcIssuerProfile: pulumi.Output<outputs.containerservice.ManagedClusterOIDCIssuerProfileResponse | undefined>; /** * See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration. */ readonly podIdentityProfile: pulumi.Output<outputs.containerservice.ManagedClusterPodIdentityProfileResponse | undefined>; /** * The Power State of the cluster. */ readonly powerState: pulumi.Output<outputs.containerservice.PowerStateResponse>; /** * The FQDN of private cluster. */ readonly privateFQDN: pulumi.Output<string>; /** * Private link resources associated with the cluster. */ readonly privateLinkResources: pulumi.Output<outputs.containerservice.PrivateLinkResourceResponse[] | undefined>; /** * The current provisioning state. */ readonly provisioningState: pulumi.Output<string>; /** * Allow or deny public network access for AKS */ readonly publicNetworkAccess: pulumi.Output<string | undefined>; /** * The resourceUID uniquely identifies ManagedClusters that reuse ARM ResourceIds (i.e: create, delete, create sequence) */ readonly resourceUID: pulumi.Output<string>; /** * Security profile for the managed cluster. */ readonly securityProfile: pulumi.Output<outputs.containerservice.ManagedClusterSecurityProfileResponse | undefined>; /** * Service mesh profile for a managed cluster. */ readonly serviceMeshProfile: pulumi.Output<outputs.containerservice.ServiceMeshProfileResponse | undefined>; /** * Information about a service principal identity for the cluster to use for manipulating Azure APIs. */ readonly servicePrincipalProfile: pulumi.Output<outputs.containerservice.ManagedClusterServicePrincipalProfileResponse | undefined>; /** * The managed cluster SKU. */ readonly sku: pulumi.Output<outputs.containerservice.ManagedClusterSKUResponse | undefined>; /** * Storage profile for the managed cluster. */ readonly storageProfile: pulumi.Output<outputs.containerservice.ManagedClusterStorageProfileResponse | undefined>; /** * The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'. */ readonly supportPlan: pulumi.Output<string | undefined>; /** * Azure Resource Manager metadata containing createdBy and modifiedBy information. */ readonly systemData: pulumi.Output<outputs.containerservice.SystemDataResponse>; /** * Resource tags. */ readonly tags: pulumi.Output<{ [key: string]: string; } | undefined>; /** * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" */ readonly type: pulumi.Output<string>; /** * Settings for upgrading a cluster. */ readonly upgradeSettings: pulumi.Output<outputs.containerservice.ClusterUpgradeSettingsResponse | undefined>; /** * The profile for Windows VMs in the Managed Cluster. */ readonly windowsProfile: pulumi.Output<outputs.containerservice.ManagedClusterWindowsProfileResponse | undefined>; /** * Workload Auto-scaler profile for the managed cluster. */ readonly workloadAutoScalerProfile: pulumi.Output<outputs.containerservice.ManagedClusterWorkloadAutoScalerProfileResponse | undefined>; /** * Create a ManagedCluster resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: ManagedClusterArgs, opts?: pulumi.CustomResourceOptions); } /** * The set of arguments for constructing a ManagedCluster resource. */ export interface ManagedClusterArgs { /** * The Azure Active Directory configuration. */ aadProfile?: pulumi.Input<inputs.containerservice.ManagedClusterAADProfileArgs>; /** * The profile of managed cluster add-on. */ addonProfiles?: pulumi.Input<{ [key: string]: pulumi.Input<inputs.containerservice.ManagedClusterAddonProfileArgs>; }>; /** * The agent pool properties. */ agentPoolProfiles?: pulumi.Input<pulumi.Input<inputs.containerservice.ManagedClusterAgentPoolProfileArgs>[]>; /** * The access profile for managed cluster API server. */ apiServerAccessProfile?: pulumi.Input<inputs.containerservice.ManagedClusterAPIServerAccessProfileArgs>; /** * Parameters to be applied to the cluster-autoscaler when enabled */ autoScalerProfile?: pulumi.Input<inputs.containerservice.ManagedClusterPropertiesAutoScalerProfileArgs>; /** * The auto upgrade configuration. */ autoUpgradeProfile?: pulumi.Input<inputs.containerservice.ManagedClusterAutoUpgradeProfileArgs>; /** * Azure Monitor addon profiles for monitoring the managed cluster. */ azureMonitorProfile?: pulumi.Input<inputs.containerservice.ManagedClusterAzureMonitorProfileArgs>; /** * If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). */ disableLocalAccounts?: pulumi.Input<boolean>; /** * This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' */ diskEncryptionSetID?: pulumi.Input<string>; /** * This cannot be updated once the Managed Cluster has been created. */ dnsPrefix?: pulumi.Input<string>; /** * (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp. */ enablePodSecurityPolicy?: pulumi.Input<boolean>; /** * Whether to enable Kubernetes Role-Based Access Control. */ enableRBAC?: pulumi.Input<boolean>; /** * The extended location of the Virtual Machine. */ extendedLocation?: pulumi.Input<inputs.containerservice.ExtendedLocationArgs>; /** * This cannot be updated once the Managed Cluster has been created. */ fqdnSubdomain?: pulumi.Input<string>; /** * Configurations for provisioning the cluster with HTTP proxy servers. */ httpProxyConfig?: pulumi.Input<inputs.containerservice.ManagedClusterHTTPProxyConfigArgs>; /** * The identity of the managed cluster, if configured. */ identity?: pulumi.Input<inputs.containerservice.ManagedClusterIdentityArgs>; /** * The user identity associated with the managed cluster. This identity will be used by the kubelet. Only one user assigned identity is allowed. The only accepted key is "kubeletidentity", with value of "resourceId": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}". */ identityProfile?: pulumi.Input<{ [key: string]: pulumi.Input<inputs.containerservice.UserAssignedIdentityArgs>; }>; /** * Ingress profile for the managed cluster. */ ingressProfile?: pulumi.Input<inputs.containerservice.ManagedClusterIngressProfileArgs>; /** * Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. */ kubernetesVersion?: pulumi.Input<string>; /** * The profile for Linux VMs in the Managed Cluster. */ linuxProfile?: pulumi.Input<inputs.containerservice.ContainerServiceLinuxProfileArgs>; /** * The geo-location where the resource lives */ location?: pulumi.Input<string>; /** * Optional cluster metrics configuration. */ metricsProfile?: pulumi.Input<inputs.containerservice.ManagedClusterMetricsProfileArgs>; /** * The network configuration profile. */ networkProfile?: pulumi.Input<inputs.containerservice.ContainerServiceNetworkProfileArgs>; /** * The name of the resource group containing agent pool nodes. */ nodeResourceGroup?: pulumi.Input<string>; /** * Profile of the node resource group configuration. */ nodeResourceGroupProfile?: pulumi.Input<inputs.containerservice.ManagedClusterNodeResourceGroupProfileArgs>; /** * The OIDC issuer profile of the Managed Cluster. */ oidcIssuerProfile?: pulumi.Input<inputs.containerservice.ManagedClusterOIDCIssuerProfileArgs>; /** * See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration. */ podIdentityProfile?: pulumi.Input<inputs.containerservice.ManagedClusterPodIdentityProfileArgs>; /** * Private link resources associated with the cluster. */ privateLinkResources?: pulumi.Input<pulumi.Input<inputs.containerservice.PrivateLinkResourceArgs>[]>; /** * Allow or deny public network access for AKS */ publicNetworkAccess?: pulumi.Input<string | enums.containerservice.PublicNetworkAccess>; /** * The name of the resource group. The name is case insensitive. */ resourceGroupName: pulumi.Input<string>; /** * The name of the managed cluster resource. */ resourceName?: pulumi.Input<string>; /** * Security profile for the managed cluster. */ securityProfile?: pulumi.Input<inputs.containerservice.ManagedClusterSecurityProfileArgs>; /** * Service mesh profile for a managed cluster. */ serviceMeshProfile?: pulumi.Input<inputs.containerservice.ServiceMeshProfileArgs>; /** * Information about a service principal identity for the cluster to use for manipulating Azure APIs. */ servicePrincipalProfile?: pulumi.Input<inputs.containerservice.ManagedClusterServicePrincipalProfileArgs>; /** * The managed cluster SKU. */ sku?: pulumi.Input<inputs.containerservice.ManagedClusterSKUArgs>; /** * Storage profile for the managed cluster. */ storageProfile?: pulumi.Input<inputs.containerservice.ManagedClusterStorageProfileArgs>; /** * The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'. */ supportPlan?: pulumi.Input<string | enums.containerservice.KubernetesSupportPlan>; /** * Resource tags. */ tags?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * Settings for upgrading a cluster. */ upgradeSettings?: pulumi.Input<inputs.containerservice.ClusterUpgradeSettingsArgs>; /** * The profile for Windows VMs in the Managed Cluster. */ windowsProfile?: pulumi.Input<inputs.containerservice.ManagedClusterWindowsProfileArgs>; /** * Workload Auto-scaler profile for the managed cluster. */ workloadAutoScalerProfile?: pulumi.Input<inputs.containerservice.ManagedClusterWorkloadAutoScalerProfileArgs>; }