Azure Kubernetes Service · Schema
ManagedClusterAADProfile
Azure Active Directory configuration for integration with AKS.
Properties
| Name | Type | Description |
|---|---|---|
| managed | boolean | Whether to enable managed AAD. |
| enableAzureRBAC | boolean | Whether to enable Azure RBAC for Kubernetes authorization. |
| adminGroupObjectIDs | array | The list of AAD group object IDs that will have admin role of the cluster. |
| clientAppID | string | (DEPRECATED) The client AAD application ID. Used for legacy/non-managed AAD. |
| serverAppID | string | (DEPRECATED) The server AAD application ID. Used for legacy/non-managed AAD. |
| serverAppSecret | string | (DEPRECATED) The server AAD application secret. Used for legacy/non-managed AAD. |
| tenantID | string | The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription. |
JSON Schema
```json
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/ManagedClusterAADProfile",
  "title": "ManagedClusterAADProfile",
  "type": "object",
  "description": "Azure Active Directory configuration for integration with AKS.",
  "properties": {
    "managed": {
      "type": "boolean",
      "description": "Whether to enable managed AAD.",
      "example": true
    },
    "enableAzureRBAC": {
      "type": "boolean",
      "description": "Whether to enable Azure RBAC for Kubernetes authorization.",
      "example": true
    },
    "adminGroupObjectIDs": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "description": "The list of AAD group object IDs that will have admin role of the cluster.",
      "example": []
    },
    "clientAppID": {
      "type": "string",
      "description": "(DEPRECATED) The client AAD application ID. Used for legacy/non-managed AAD.",
      "example": "500123"
    },
    "serverAppID": {
      "type": "string",
      "description": "(DEPRECATED) The server AAD application ID. Used for legacy/non-managed AAD.",
      "example": "500123"
    },
    "serverAppSecret": {
      "type": "string",
      "description": "(DEPRECATED) The server AAD application secret. Used for legacy/non-managed AAD.",
      "example": "example_value"
    },
    "tenantID": {
      "type": "string",
      "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.",
      "example": "500123"
    }
  }
}
```