REST Resource: projects.locations.azureClusters

Resource: AzureCluster

An Anthos cluster running on Azure.

JSON representation
{
  "name": string,
  "description": string,
  "azureRegion": string,
  "resourceGroupId": string,
  "azureClient": string,
  "networking": {
    object (AzureClusterNetworking)
  },
  "controlPlane": {
    object (AzureControlPlane)
  },
  "authorization": {
    object (AzureAuthorization)
  },
  "azureServicesAuthentication": {
    object (AzureServicesAuthentication)
  },
  "state": enum (State),
  "endpoint": string,
  "uid": string,
  "reconciling": boolean,
  "createTime": string,
  "updateTime": string,
  "etag": string,
  "annotations": {
    string: string,
    ...
  },
  "workloadIdentityConfig": {
    object (WorkloadIdentityConfig)
  },
  "clusterCaCertificate": string,
  "fleet": {
    object (Fleet)
  },
  "managedResources": {
    object (AzureClusterResources)
  },
  "loggingConfig": {
    object (LoggingConfig)
  },
  "errors": [
    {
      object (AzureClusterError)
    }
  ],
  "monitoringConfig": {
    object (MonitoringConfig)
  }
}
Fields
name

string

The name of this resource.

Cluster names are formatted as projects/<project-number>/locations/<region>/azureClusters/<cluster-id>.

See Resource Names for more details on Google Cloud Platform resource names.

description

string

Optional. A human-readable description of this cluster. Cannot be longer than 255 UTF-8 encoded bytes.

azureRegion

string

Required. The Azure region where the cluster runs.

Each Google Cloud region supports a subset of nearby Azure regions. You can call locations.getAzureServerConfig to list all supported Azure regions within a given Google Cloud region.

resourceGroupId

string

Required. The ARM ID of the resource group where the cluster resources are deployed. For example: /subscriptions/<subscription-id>/resourceGroups/<resource-group-name>

azureClient

string

Optional. Name of the AzureClient that contains authentication configuration for how the Anthos Multi-Cloud API connects to Azure APIs.

Either azureClient or azureServicesAuthentication should be provided.

The AzureClient resource must reside on the same Google Cloud Platform project and region as the AzureCluster.

AzureClient names are formatted as projects/<project-number>/locations/<region>/azureClients/<client-id>.

See Resource Names for more details on Google Cloud resource names.

networking

object (AzureClusterNetworking)

Required. Cluster-wide networking configuration.

controlPlane

object (AzureControlPlane)

Required. Configuration related to the cluster control plane.

authorization

object (AzureAuthorization)

Required. Configuration related to the cluster RBAC settings.

azureServicesAuthentication

object (AzureServicesAuthentication)

Optional. Authentication configuration for management of Azure resources.

Either azureClient or azureServicesAuthentication should be provided.

state

enum (State)

Output only. The current state of the cluster.

endpoint

string

Output only. The endpoint of the cluster's API server.

uid

string

Output only. A globally unique identifier for the cluster.

reconciling

boolean

Output only. If set, there are currently changes in flight to the cluster.

createTime

string (Timestamp format)

Output only. The time at which this cluster was created.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

updateTime

string (Timestamp format)

Output only. The time at which this cluster was last updated.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

etag

string

Allows clients to perform consistent read-modify-writes through optimistic concurrency control.

Can be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
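The read-modify-write pattern this field supports, as an added example that is not part of the API reference: a constructed in-memory stand-in for get and patch derives its own etag, so two clients that read the same version cannot both write (the second would silently drop the first client's admin-user change). The class and function names, the etag scheme and the cluster name are assumptions for illustration.

```python
import copy
import hashlib
import json

class StaleEtagError(Exception):
    """The etag sent with an update no longer matches the stored resource."""

def compute_etag(resource: dict) -> str:
    """Opaque etag over the canonical JSON of the resource, etag field excluded (constructed scheme)."""
    body = {k: v for k, v in resource.items() if k != "etag"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()[:16]

class FakeAzureClusterServer:
    """Constructed stand-in for get/patch on one AzureCluster; not the real API."""

    def __init__(self, cluster: dict):
        self._cluster = copy.deepcopy(cluster)
        self._cluster["etag"] = compute_etag(self._cluster)

    def get(self) -> dict:
        return copy.deepcopy(self._cluster)

    def patch(self, update: dict, etag: str) -> dict:
        # Refuse the write when the caller's copy is stale instead of overwriting it.
        if etag != self._cluster["etag"]:
            raise StaleEtagError("etag mismatch: re-read the resource and retry")
        self._cluster.update(copy.deepcopy(update))
        self._cluster["etag"] = compute_etag(self._cluster)
        return self.get()

def add_admin_user(snapshot: dict, username: str) -> dict:
    """PATCH body that appends one admin user to the list the client read."""
    users = copy.deepcopy(snapshot["authorization"]["adminUsers"])
    users.append({"username": username})
    return {"authorization": {"adminUsers": users}}

def concurrent_update_demo():
    """Two clients read the same version; the second write must not clobber the first."""
    server = FakeAzureClusterServer({"name": "projects/123/locations/us-east4/azureClusters/demo",
                                     "authorization": {"adminUsers": [{"username": "alice@example.com"}]}})
    seen_by_a, seen_by_b = server.get(), server.get()
    server.patch(add_admin_user(seen_by_a, "bob@example.com"), seen_by_a["etag"])
    try:  # B still holds the etag from before A's write
        server.patch(add_admin_user(seen_by_b, "carol@example.com"), seen_by_b["etag"])
        b_rejected = False
    except StaleEtagError:
        b_rejected = True
    final_users = [u["username"] for u in server.get()["authorization"]["adminUsers"]]
    return final_users, b_rejected
```

Without the etag check the second patch would replace the list with alice and carol, dropping bob; with it, B gets an error and must re-read before retrying.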

annotations

map (key: string, value: string)

Optional. Annotations on the cluster.

This field has the same restrictions as Kubernetes annotations. The total size of all keys and values combined is limited to 256k. Keys can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
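An added validator (not part of the API reference) for the key-format and total-size rules listed above. Two readings are assumptions: the DNS-subdomain prefix rule follows the Kubernetes definition (lowercase labels, 253 characters max), and "256k" is read as 256 KiB.

```python
import re

# Name segment: 63 chars max, alphanumeric at both ends, [-_.] allowed in between.
_NAME_RE = re.compile(r"^[A-Za-z0-9]([-A-Za-z0-9_.]{0,61}[A-Za-z0-9])?$")
# Prefix: DNS subdomain, following the Kubernetes definition (assumption).
_DNS_LABEL = r"[a-z0-9]([-a-z0-9]{0,61}[a-z0-9])?"
_PREFIX_RE = re.compile(rf"^{_DNS_LABEL}(\.{_DNS_LABEL})*$")
MAX_TOTAL_BYTES = 256 * 1024  # the page's "256k", read as 256 KiB (assumption)


def check_annotation_key(key: str) -> list:
    """Return the problems with one annotation key (empty list means valid)."""
    problems = []
    parts = key.split("/")
    if len(parts) > 2:
        return [f"{key!r}: more than one '/'"]
    prefix, name = (None, parts[0]) if len(parts) == 1 else parts
    if prefix is not None:
        if not prefix:
            problems.append(f"{key!r}: empty prefix before '/'")
        elif len(prefix) > 253 or not _PREFIX_RE.match(prefix):
            problems.append(f"{key!r}: prefix is not a DNS subdomain")
    if not name:
        problems.append(f"{key!r}: name segment is required")
    elif len(name) > 63:
        problems.append(f"{key!r}: name longer than 63 characters")
    elif not _NAME_RE.match(name):
        problems.append(f"{key!r}: name must start and end with an alphanumeric "
                        "and contain only alphanumerics, '-', '_' or '.'")
    return problems


def check_annotations(annotations: dict) -> list:
    """Validate a whole annotations map: every key format plus the combined byte budget."""
    problems = []
    for key in annotations:
        problems.extend(check_annotation_key(key))
    total = sum(len(k.encode()) + len(v.encode()) for k, v in annotations.items())
    if total > MAX_TOTAL_BYTES:
        problems.append(f"total size {total} bytes exceeds {MAX_TOTAL_BYTES}")
    return problems
```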

workloadIdentityConfig

object (WorkloadIdentityConfig)

Output only. Workload Identity settings.

clusterCaCertificate

string

Output only. PEM-encoded X.509 certificate of the cluster root of trust.

fleet

object (Fleet)

Required. Fleet configuration.

managedResources

object (AzureClusterResources)

Output only. Managed Azure resources for this cluster.

loggingConfig

object (LoggingConfig)

Optional. Logging configuration for this cluster.

errors[]

object (AzureClusterError)

Output only. A set of errors found in the cluster.

monitoringConfig

object (MonitoringConfig)

Optional. Monitoring configuration for this cluster.

AzureClusterNetworking

ClusterNetworking contains cluster-wide networking configuration.

JSON representation
{
  "virtualNetworkId": string,
  "podAddressCidrBlocks": [
    string
  ],
  "serviceAddressCidrBlocks": [
    string
  ],
  "serviceLoadBalancerSubnetId": string
}
Fields
virtualNetworkId

string

Required. The Azure Resource Manager (ARM) ID of the VNet associated with your cluster.

All components in the cluster (i.e. control plane and node pools) run on a single VNet.

Example: /subscriptions/<subscription-id>/resourceGroups/<resource-group-id>/providers/Microsoft.Network/virtualNetworks/<vnet-id>

This field cannot be changed after creation.

podAddressCidrBlocks[]

string

Required. The IP address range of the pods in this cluster, in CIDR notation (e.g. 10.96.0.0/14).

All pods in the cluster get assigned a unique IPv4 address from these ranges. Only a single range is supported.

This field cannot be changed after creation.

serviceAddressCidrBlocks[]

string

Required. The IP address range for services in this cluster, in CIDR notation (e.g. 10.96.0.0/14).

All services in the cluster get assigned a unique IPv4 address from these ranges. Only a single range is supported.

This field cannot be changed after creating a cluster.

serviceLoadBalancerSubnetId

string

Optional. The ARM ID of the subnet where Kubernetes private service type load balancers are deployed. When unspecified, it defaults to AzureControlPlane.subnet_id.

Example: "/subscriptions/d00494d6-6f3c-4280-bbb2-899e163d1d30/resourceGroups/anthos_cluster_gkeust4/providers/Microsoft.Network/virtualNetworks/gke-vnet-gkeust4/subnets/subnetid456"

AzureControlPlane

AzureControlPlane represents the control plane configurations.

JSON representation
{
  "version": string,
  "subnetId": string,
  "vmSize": string,
  "sshConfig": {
    object (AzureSshConfig)
  },
  "rootVolume": {
    object (AzureDiskTemplate)
  },
  "mainVolume": {
    object (AzureDiskTemplate)
  },
  "databaseEncryption": {
    object (AzureDatabaseEncryption)
  },
  "proxyConfig": {
    object (AzureProxyConfig)
  },
  "configEncryption": {
    object (AzureConfigEncryption)
  },
  "tags": {
    string: string,
    ...
  },
  "replicaPlacements": [
    {
      object (ReplicaPlacement)
    }
  ],
  "endpointSubnetId": string
}
Fields
version

string

Required. The Kubernetes version to run on control plane replicas (e.g. 1.19.10-gke.1000).

You can list all supported versions on a given Google Cloud region by calling locations.getAzureServerConfig.

subnetId

string

Optional. The ARM ID of the default subnet for the control plane. The control plane VMs are deployed in this subnet, unless AzureControlPlane.replica_placements is specified. This subnet is also used as the default for AzureControlPlane.endpoint_subnet_id if AzureControlPlane.endpoint_subnet_id is not specified. Similarly, it is used as the default for AzureClusterNetworking.service_load_balancer_subnet_id.

Example: /subscriptions/<subscription-id>/resourceGroups/<resource-group-id>/providers/Microsoft.Network/virtualNetworks/<vnet-id>/subnets/default.

vmSize

string

Optional. The Azure VM size name. Example: Standard_DS2_v2.

For available VM sizes, see https://docs.microsoft.com/en-us/azure/virtual-machines/vm-naming-conventions.

When unspecified, it defaults to Standard_DS2_v2.

sshConfig

object (AzureSshConfig)

Required. SSH configuration for how to access the underlying control plane machines.

rootVolume

object (AzureDiskTemplate)

Optional. Configuration related to the root volume provisioned for each control plane replica.

When unspecified, it defaults to a 32-GiB Azure Disk.

mainVolume

object (AzureDiskTemplate)

Optional. Configuration related to the main volume provisioned for each control plane replica. The main volume is in charge of storing all of the cluster's etcd state.

When unspecified, it defaults to an 8-GiB Azure Disk.

databaseEncryption

object (AzureDatabaseEncryption)

Optional. Configuration related to application-layer secrets encryption.

proxyConfig

object (AzureProxyConfig)

Optional. Proxy configuration for outbound HTTP(S) traffic.

configEncryption

object (AzureConfigEncryption)

Optional. Configuration related to VM config encryption.

tags

map (key: string, value: string)

Optional. A set of tags to apply to all underlying control plane Azure resources.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

replicaPlacements[]

object (ReplicaPlacement)

Optional. Configuration for where to place the control plane replicas.

Up to three replica placement instances can be specified. If replicaPlacements is set, the replica placement instances will be applied to the three control plane replicas as evenly as possible.

endpointSubnetId

string

Optional. The ARM ID of the subnet where the control plane load balancer is deployed. When unspecified, it defaults to AzureControlPlane.subnet_id.

Example: "/subscriptions/d00494d6-6f3c-4280-bbb2-899e163d1d30/resourceGroups/anthos_cluster_gkeust4/providers/Microsoft.Network/virtualNetworks/gke-vnet-gkeust4/subnets/subnetid123"

AzureDatabaseEncryption

Configuration related to application-layer secrets encryption.

Anthos clusters on Azure encrypts your Kubernetes data at rest in etcd using Azure Key Vault.

JSON representation
{
  "keyId": string
}
Fields
keyId

string

Required. The ARM ID of the Azure Key Vault key to encrypt / decrypt data.

For example: /subscriptions/<subscription-id>/resourceGroups/<resource-group-id>/providers/Microsoft.KeyVault/vaults/<key-vault-id>/keys/<key-name>

Encryption always uses the latest version of the key, so pinning a specific key version is not supported.

ReplicaPlacement

Configuration for the placement of a control plane replica.

JSON representation
{
  "subnetId": string,
  "azureAvailabilityZone": string
}
Fields
subnetId

string

Required. For a given replica, the ARM ID of the subnet where the control plane VM is deployed. Make sure it's a subnet under the virtual network in the cluster configuration.

azureAvailabilityZone

string

Required. For a given replica, the Azure availability zone in which to provision the control plane VM and the etcd disk.
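An added consistency check (not from the API reference) that covers the AzureClusterNetworking rules above (exactly one IPv4 range each for pods and services, which must not overlap) together with the ReplicaPlacement requirement that every referenced subnet sit under the cluster VNet, run over a constructed AzureCluster fragment. The ARM IDs are placeholders, and comparing ARM IDs case-insensitively is an assumption.

```python
import ipaddress

# Constructed sample VNet ID; the GUID and names are placeholders, not real resources.
VNET = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo"
        "/providers/Microsoft.Network/virtualNetworks/vnet-demo")

def vnet_of_subnet(subnet_id: str):
    """VNet ARM ID that a subnet ARM ID belongs to, or None if the ID is malformed."""
    lower = subnet_id.lower()
    idx = lower.rfind("/subnets/")
    if idx < 0 or "/virtualnetworks/" not in lower[:idx]:
        return None
    return subnet_id[:idx]

def check_networking(cluster: dict) -> list:
    """Cross-check CIDR ranges and subnet/VNet consistency of an AzureCluster body."""
    problems, ranges = [], {}
    net, cp = cluster["networking"], cluster["controlPlane"]
    for field in ("podAddressCidrBlocks", "serviceAddressCidrBlocks"):
        blocks = net.get(field, [])
        if len(blocks) != 1:  # the API supports exactly one range per field
            problems.append(f"{field}: expected one range, got {len(blocks)}")
            continue
        try:
            ranges[field] = ipaddress.IPv4Network(blocks[0])  # rejects host bits set
        except ValueError as exc:
            problems.append(f"{field}: {exc}")
    if len(ranges) == 2 and ranges["podAddressCidrBlocks"].overlaps(ranges["serviceAddressCidrBlocks"]):
        problems.append("pod and service ranges overlap")
    # Every subnet reference must sit under the cluster VNet; unset optional fields take the API default.
    subnets = {"controlPlane.subnetId": cp.get("subnetId"),
               "controlPlane.endpointSubnetId": cp.get("endpointSubnetId"),
               "networking.serviceLoadBalancerSubnetId": net.get("serviceLoadBalancerSubnetId")}
    for i, rp in enumerate(cp.get("replicaPlacements", [])):
        subnets[f"controlPlane.replicaPlacements[{i}].subnetId"] = rp.get("subnetId")
    for label, sid in subnets.items():
        owner = vnet_of_subnet(sid) if sid else None
        # ARM resource IDs are compared case-insensitively here (assumption).
        if sid and (owner is None or owner.lower() != net["virtualNetworkId"].lower()):
            problems.append(f"{label}: not a subnet of the cluster VNet")
    return problems

def sample_cluster() -> dict:
    """Constructed AzureCluster fragment that passes every check above."""
    net = {"virtualNetworkId": VNET, "podAddressCidrBlocks": ["10.96.0.0/14"],
           "serviceAddressCidrBlocks": ["10.100.0.0/16"]}
    cp = {"subnetId": VNET + "/subnets/default",
          "replicaPlacements": [{"subnetId": VNET + "/subnets/cp-1", "azureAvailabilityZone": "1"}]}
    return {"networking": net, "controlPlane": cp}
```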

AzureAuthorization

Configuration related to the cluster RBAC settings.

JSON representation
{
  "adminUsers": [
    {
      object (AzureClusterUser)
    }
  ],
  "adminGroups": [
    {
      object (AzureClusterGroup)
    }
  ]
}
Fields
adminUsers[]

object (AzureClusterUser)

Optional. Users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the users. Up to ten admin users can be provided.

For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles

adminGroups[]

object (AzureClusterGroup)

Optional. Groups of users that can perform operations as a cluster admin. A managed ClusterRoleBinding will be created to grant the cluster-admin ClusterRole to the groups. Up to ten admin groups can be provided.

For more info on RBAC, see https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
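Because every entry in adminUsers[] and adminGroups[] becomes a managed ClusterRoleBinding to cluster-admin, a change-review step that diffs the two lists between snapshots and enforces the ten-entry limits is a cheap control. This is an added example, not the API's own code; the identities and the allow-list are constructed.

```python
MAX_ADMIN_SUBJECTS = 10  # documented cap for adminUsers[] and for adminGroups[]

def admin_subjects(authorization: dict) -> set:
    """Flatten an AzureAuthorization object into ('user'|'group', name) pairs."""
    subjects = {("user", u["username"]) for u in authorization.get("adminUsers", [])}
    subjects |= {("group", g["group"]) for g in authorization.get("adminGroups", [])}
    return subjects

def check_authorization(authorization: dict) -> list:
    """Enforce the documented per-list limits."""
    problems = []
    for field in ("adminUsers", "adminGroups"):
        n = len(authorization.get(field, []))
        if n > MAX_ADMIN_SUBJECTS:
            problems.append(f"{field}: {n} entries, at most {MAX_ADMIN_SUBJECTS} allowed")
    return problems

def diff_admins(before: dict, after: dict) -> dict:
    """Cluster-admin grants added or removed between two AzureCluster snapshots."""
    old = admin_subjects(before.get("authorization", {}))
    new = admin_subjects(after.get("authorization", {}))
    return {"added": sorted(new - old), "removed": sorted(old - new)}

def review_change(before: dict, after: dict, allowed_admins: set) -> list:
    """Findings for a proposed update: limit violations and additions outside the allow-list."""
    findings = check_authorization(after.get("authorization", {}))
    for kind, name in diff_admins(before, after)["added"]:
        if (kind, name) not in allowed_admins:
            findings.append(f"unapproved cluster-admin grant to {kind} {name}")
    return findings

# Constructed sample snapshots; the identities are placeholders.
BEFORE = {"authorization": {"adminUsers": [{"username": "alice@example.com"}],
                            "adminGroups": [{"group": "platform-admins@example.com"}]}}
AFTER = {"authorization": {"adminUsers": [{"username": "alice@example.com"},
                                          {"username": "bob@example.com"}],
                           "adminGroups": []}}
ALLOWED = {("user", "alice@example.com"), ("group", "platform-admins@example.com")}
```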

AzureClusterUser

Identities of a user-type subject for Azure clusters.

JSON representation
{
  "username": string
}
Fields
username

string

Required. The name of the user, e.g. my-gcp-id@gmail.com.

AzureClusterGroup

Identities of a group-type subject for Azure clusters.

JSON representation
{
  "group": string
}
Fields
group

string

Required. The name of the group, e.g. my-group@domain.com.

AzureServicesAuthentication

Authentication configuration for the management of Azure resources.

JSON representation
{
  "tenantId": string,
  "applicationId": string
}
Fields
tenantId

string

Required. The Azure Active Directory Tenant ID.

applicationId

string

Required. The Azure Active Directory Application ID.

State

The lifecycle state of the cluster.

Enums
STATE_UNSPECIFIED Not set.
PROVISIONING The PROVISIONING state indicates the cluster is being created.
RUNNING The RUNNING state indicates the cluster has been created and is fully usable.
RECONCILING The RECONCILING state indicates that some work is actively being done on the cluster, such as upgrading the control plane replicas.
STOPPING The STOPPING state indicates the cluster is being deleted.
ERROR The ERROR state indicates the cluster is in a broken unrecoverable state.
DEGRADED The DEGRADED state indicates the cluster requires user action to restore full functionality.

AzureClusterResources

Managed Azure resources for the cluster.

The values could change and be empty, depending on the state of the cluster.

JSON representation
{
  "networkSecurityGroupId": string,
  "controlPlaneApplicationSecurityGroupId": string
}
Fields
networkSecurityGroupId

string

Output only. The ARM ID of the cluster network security group.

controlPlaneApplicationSecurityGroupId

string

Output only. The ARM ID of the control plane application security group.

AzureClusterError

AzureClusterError describes errors found on Azure clusters.

JSON representation
{
  "message": string
}
Fields
message

string

Human-friendly description of the error.

Methods

create

Creates a new AzureCluster resource on a given Google Cloud Platform project and region.

delete

Deletes a specific AzureCluster resource.

generateAzureAccessToken

Generates a short-lived access token to authenticate to a given AzureCluster resource.

generateAzureClusterAgentToken

Generates an access token for a cluster agent.

get

Describes a specific AzureCluster resource.

getJwks

Gets the public component of the cluster signing keys in JSON Web Key format.

list

Lists all AzureCluster resources on a given Google Cloud project and region.

patch

Updates an AzureCluster.