Skip to content

Commit

Permalink
Add identity property in managedCluster definition and add an example (
Browse files Browse the repository at this point in the history 
…#5709)

* Add identity property in managedCluster definition and add an example

* Fix typo
  • Loading branch information
@norshtein @jhendrixMSFT
norshtein authored and jhendrixMSFT committed Apr 24, 2019
1 parent 9150e84 commit c225658
Show file tree
Hide file tree
Showing 2 changed files with 208 additions and 1 deletion.
176 changes: 176 additions & 0 deletions ...Microsoft.ContainerService/stable/2019-04-01/examples/MSIManagedClusterCreate_Update.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,176 @@
{
"parameters": {
"api-version": "2019-04-01",
"subscriptionId": "subid1",
"resourceGroupName": "rg1",
"resourceName": "clustername1",
"parameters": {
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"osType": "Linux"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile":{
"loadBalancerSku": "basic"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"addonProfiles": {
},
"enableRBAC": true,
"enablePodSecurityPolicy": true
},
"identity": {
"type": "SystemAssigned"
}
}
},
"responses": {
"200": {
"body": {
"id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "msi"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"dockerBridgeCidr": "172.17.0.1/16"
}
},
"identity": {
"type": "SystemAssigned",
"principalId": "00630bf6-aaaa-bbbb-cccc-22cf1e3bd337",
"tenantId": "89e1b688-aaaa-bbbb-cccc-54d0a43a4f0d"
}
}
},
"201": {
"body": {
"id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "msi"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"enablePodSecurityPolicy": true,
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"dockerBridgeCidr": "172.17.0.1/16"
}
},
"identity": {
"type": "SystemAssigned",
"principalId": "00630bf6-aaaa-bbbb-cccc-22cf1e3bd337",
"tenantId": "89e1b688-aaaa-bbbb-cccc-54d0a43a4f0d"
}
}
}
}
}
33 changes: 32 additions & 1 deletion ...ervice/resource-manager/Microsoft.ContainerService/stable/2019-04-01/managedClusters.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1703,6 +1703,10 @@
"description": "Properties of a managed cluster.",
"$ref": "#/definitions/ManagedClusterProperties",
"x-ms-client-flatten": true
},
"identity": {
"$ref": "#/definitions/ManagedClusterIdentity",
"description": "The identity of the managed cluster, if configured."
}
}
}
Expand Down Expand Up @@ -1791,6 +1795,33 @@
},
"description": "Properties of the managed cluster."
},
"ManagedClusterIdentity": {
"properties": {
"principalId": {
"readOnly": true,
"type": "string",
"description": "The principal id of the system assigned identity which is used by master components."
},
"tenantId": {
"readOnly": true,
"type": "string",
"description": "The tenant id of the system assigned identity which is used by master components."
},
"type": {
"type": "string",
"description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicityly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.",
"enum": [
"SystemAssigned",
"None"
],
"x-ms-enum": {
"name": "ResourceIdentityType",
"modelAsString": false
}
}
},
"description": "Identity for the managed cluster."
},
"OrchestratorProfile": {
"properties": {
"orchestratorType": {
Expand Down Expand Up @@ -2061,4 +2092,4 @@
"x-ms-parameter-location": "client"
}
}
}
}

0 comments on commit c225658

Please sign in to comment.