Microsoft.ServiceFabric managedClusters 2023-07-01-preview
- Latest
- 2024-06-01-preview
- 2024-04-01
- 2024-02-01-preview
- 2023-12-01-preview
- 2023-11-01-preview
- 2023-09-01-preview
- 2023-07-01-preview
- 2023-03-01-preview
- 2023-02-01-preview
- 2022-10-01-preview
- 2022-08-01-preview
- 2022-06-01-preview
- 2022-02-01-preview
- 2022-01-01
- 2021-11-01-preview
- 2021-07-01-preview
- 2021-05-01
- 2021-01-01-preview
- 2020-01-01-preview
Bicep resource definition
The managedClusters resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.ServiceFabric/managedClusters resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.ServiceFabric/managedClusters@2023-07-01-preview' = {
location: 'string'
name: 'string'
properties: {
addonFeatures: [
'string'
]
adminPassword: 'string'
adminUserName: 'string'
allowRdpAccess: bool
applicationTypeVersionsCleanupPolicy: {
maxUnusedVersionsToKeep: int
}
auxiliarySubnets: [
{
enableIpv6: bool
name: 'string'
networkSecurityGroupId: 'string'
privateEndpointNetworkPolicies: 'string'
privateLinkServiceNetworkPolicies: 'string'
}
]
azureActiveDirectory: {
clientApplication: 'string'
clusterApplication: 'string'
tenantId: 'string'
}
clientConnectionPort: int
clients: [
{
commonName: 'string'
isAdmin: bool
issuerThumbprint: 'string'
thumbprint: 'string'
}
]
clusterCodeVersion: 'string'
clusterUpgradeCadence: 'string'
clusterUpgradeMode: 'string'
ddosProtectionPlanId: 'string'
dnsName: 'string'
enableAutoOSUpgrade: bool
enableIpv6: bool
enableServicePublicIP: bool
fabricSettings: [
{
name: 'string'
parameters: [
{
name: 'string'
value: 'string'
}
]
}
]
httpGatewayConnectionPort: int
ipTags: [
{
ipTagType: 'string'
tag: 'string'
}
]
loadBalancingRules: [
{
backendPort: int
frontendPort: int
loadDistribution: 'string'
probePort: int
probeProtocol: 'string'
probeRequestPath: 'string'
protocol: 'string'
}
]
networkSecurityRules: [
{
access: 'string'
description: 'string'
destinationAddressPrefix: 'string'
destinationAddressPrefixes: [
'string'
]
destinationPortRange: 'string'
destinationPortRanges: [
'string'
]
direction: 'string'
name: 'string'
priority: int
protocol: 'string'
sourceAddressPrefix: 'string'
sourceAddressPrefixes: [
'string'
]
sourcePortRange: 'string'
sourcePortRanges: [
'string'
]
}
]
publicIPPrefixId: 'string'
serviceEndpoints: [
{
locations: [
'string'
]
service: 'string'
}
]
subnetId: 'string'
useCustomVnet: bool
zonalResiliency: bool
zonalUpdateMode: 'string'
}
sku: {
name: 'string'
}
tags: {
{customized property}: 'string'
}
}
Property values
ApplicationTypeVersionsCleanupPolicy
Name | Description | Value |
---|---|---|
maxUnusedVersionsToKeep | Number of unused versions per application type to keep. | int Constraints: Min value = 0 (required) |
AzureActiveDirectory
Name | Description | Value |
---|---|---|
clientApplication | Azure active directory client application id. | string |
clusterApplication | Azure active directory cluster application id. | string |
tenantId | Azure active directory tenant id. | string |
ClientCertificate
Name | Description | Value |
---|---|---|
commonName | Certificate common name. | string |
isAdmin | Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster. | bool (required) |
issuerThumbprint | Issuer thumbprint for the certificate. Only used together with CommonName. | string |
thumbprint | Certificate thumbprint. | string |
IPTag
Name | Description | Value |
---|---|---|
ipTagType | The IP tag type. | string (required) |
tag | The value of the IP tag. | string (required) |
LoadBalancingRule
Name | Description | Value |
---|---|---|
backendPort | The port used for internal connections on the endpoint. Acceptable values are between 1 and 65535. | int Constraints: Min value = 1 Max value = 65534 (required) |
frontendPort | The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values are between 1 and 65534. | int Constraints: Min value = 1 Max value = 65534 (required) |
loadDistribution | The load distribution policy for this rule. | string |
probePort | The prob port used by the load balancing rule. Acceptable values are between 1 and 65535. | int Constraints: Min value = 1 Max value = 65534 |
probeProtocol | the reference to the load balancer probe used by the load balancing rule. | 'http' 'https' 'tcp' (required) |
probeRequestPath | The probe request path. Only supported for HTTP/HTTPS probes. | string |
protocol | The reference to the transport protocol used by the load balancing rule. | 'tcp' 'udp' (required) |
ManagedClusterProperties
Name | Description | Value |
---|---|---|
addonFeatures | List of add-on features to enable on the cluster. | String array containing any of: 'BackupRestoreService' 'DnsService' 'ResourceMonitorService' |
adminPassword | VM admin user password. | string Constraints: Sensitive value. Pass in as a secure parameter. |
adminUserName | VM admin user name. | string (required) |
allowRdpAccess | Setting this to true enables RDP access to the VM. The default NSG rule opens RDP port to Internet which can be overridden with custom Network Security Rules. The default value for this setting is false. | bool |
applicationTypeVersionsCleanupPolicy | The policy used to clean up unused versions. | ApplicationTypeVersionsCleanupPolicy |
auxiliarySubnets | Auxiliary subnets for the cluster. | Subnet[] |
azureActiveDirectory | The AAD authentication settings of the cluster. | AzureActiveDirectory |
clientConnectionPort | The port used for client connections to the cluster. | int |
clients | Client certificates that are allowed to manage the cluster. | ClientCertificate[] |
clusterCodeVersion | The Service Fabric runtime version of the cluster. This property is required when clusterUpgradeMode is set to 'Manual'. To get list of available Service Fabric versions for new clusters use ClusterVersion API. To get the list of available version for existing clusters use availableClusterVersions. | string |
clusterUpgradeCadence | Indicates when new cluster runtime version upgrades will be applied after they are released. By default is Wave0. Only applies when clusterUpgradeMode is set to 'Automatic'. | 'Wave0' 'Wave1' 'Wave2' |
clusterUpgradeMode | The upgrade mode of the cluster when new Service Fabric runtime version is available. | 'Automatic' 'Manual' |
ddosProtectionPlanId | Specify the resource id of a DDoS network protection plan that will be associated with the virtual network of the cluster. | string |
dnsName | The cluster dns name. | string (required) |
enableAutoOSUpgrade | Setting this to true enables automatic OS upgrade for the node types that are created using any platform OS image with version 'latest'. The default value for this setting is false. | bool |
enableIpv6 | Setting this to true creates IPv6 address space for the default VNet used by the cluster. This setting cannot be changed once the cluster is created. The default value for this setting is false. | bool |
enableServicePublicIP | Setting this to true will link the IPv4 address as the ServicePublicIP of the IPv6 address. It can only be set to True if IPv6 is enabled on the cluster. | bool |
fabricSettings | The list of custom fabric settings to configure the cluster. | SettingsSectionDescription[] |
httpGatewayConnectionPort | The port used for HTTP connections to the cluster. | int |
ipTags | The list of IP tags associated with the default public IP address of the cluster. | IPTag[] |
loadBalancingRules | Load balancing rules that are applied to the public load balancer of the cluster. | LoadBalancingRule[] |
networkSecurityRules | Custom Network Security Rules that are applied to the Virtual Network of the cluster. | NetworkSecurityRule[] |
publicIPPrefixId | Specify the resource id of a public IP prefix that the load balancer will allocate a public IP address from. Only supports IPv4. | string |
serviceEndpoints | Service endpoints for subnets in the cluster. | ServiceEndpoint[] |
subnetId | If specified, the node types for the cluster are created in this subnet instead of the default VNet. The networkSecurityRules specified for the cluster are also applied to this subnet. This setting cannot be changed once the cluster is created. | string |
useCustomVnet | For new clusters, this parameter indicates that it uses Bring your own VNet, but the subnet is specified at node type level; and for such clusters, the subnetId property is required for node types. | bool |
zonalResiliency | Indicates if the cluster has zone resiliency. | bool |
zonalUpdateMode | Indicates the update mode for Cross Az clusters. | 'Fast' 'Standard' |
Microsoft.ServiceFabric/managedClusters
Name | Description | Value |
---|---|---|
location | Azure resource location. | string (required) |
name | The resource name | string (required) |
properties | The managed cluster resource properties | ManagedClusterProperties |
sku | The sku of the managed cluster | Sku (required) |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
NetworkSecurityRule
Name | Description | Value |
---|---|---|
access | The network traffic is allowed or denied. | 'allow' 'deny' (required) |
description | Network security rule description. | string |
destinationAddressPrefix | The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string |
destinationAddressPrefixes | The destination address prefixes. CIDR or destination IP ranges. | string[] |
destinationPortRange | he destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
destinationPortRanges | The destination port ranges. | string[] |
direction | Network security rule direction. | 'inbound' 'outbound' (required) |
name | Network security rule name. | string (required) |
priority | The priority of the rule. The value can be in the range 1000 to 3000. Values outside this range are reserved for Service Fabric ManagerCluster Resource Provider. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int Constraints: Min value = 1000 Max value = 3000 (required) |
protocol | Network protocol this rule applies to. | 'ah' 'esp' 'http' 'https' 'icmp' 'tcp' 'udp' (required) |
sourceAddressPrefix | The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string |
sourceAddressPrefixes | The CIDR or source IP ranges. | string[] |
sourcePortRange | The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
sourcePortRanges | The source port ranges. | string[] |
ResourceTags
Name | Description | Value |
---|
ServiceEndpoint
Name | Description | Value |
---|---|---|
locations | A list of locations. | string[] |
service | The type of the endpoint service. | string (required) |
SettingsParameterDescription
Name | Description | Value |
---|---|---|
name | The parameter name of fabric setting. | string (required) |
value | The parameter value of fabric setting. | string (required) |
SettingsSectionDescription
Name | Description | Value |
---|---|---|
name | The section name of the fabric settings. | string (required) |
parameters | The collection of parameters in the section. | SettingsParameterDescription[] (required) |
Sku
Name | Description | Value |
---|---|---|
name | Sku Name. | 'Basic' 'Standard' (required) |
Subnet
Name | Description | Value |
---|---|---|
enableIpv6 | Indicates wether to enable Ipv6 or not. If not provided, it will take the same configuration as the cluster. | bool |
name | Subnet name. | string (required) |
networkSecurityGroupId | Full resource id for the network security group. | string |
privateEndpointNetworkPolicies | Enable or Disable apply network policies on private end point in the subnet. | 'disabled' 'enabled' |
privateLinkServiceNetworkPolicies | Enable or Disable apply network policies on private link service in the subnet. | 'disabled' 'enabled' |
ARM template resource definition
The managedClusters resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.ServiceFabric/managedClusters resource, add the following JSON to your template.
{
"type": "Microsoft.ServiceFabric/managedClusters",
"apiVersion": "2023-07-01-preview",
"name": "string",
"location": "string",
"properties": {
"addonFeatures": [ "string" ],
"adminPassword": "string",
"adminUserName": "string",
"allowRdpAccess": "bool",
"applicationTypeVersionsCleanupPolicy": {
"maxUnusedVersionsToKeep": "int"
},
"auxiliarySubnets": [
{
"enableIpv6": "bool",
"name": "string",
"networkSecurityGroupId": "string",
"privateEndpointNetworkPolicies": "string",
"privateLinkServiceNetworkPolicies": "string"
}
],
"azureActiveDirectory": {
"clientApplication": "string",
"clusterApplication": "string",
"tenantId": "string"
},
"clientConnectionPort": "int",
"clients": [
{
"commonName": "string",
"isAdmin": "bool",
"issuerThumbprint": "string",
"thumbprint": "string"
}
],
"clusterCodeVersion": "string",
"clusterUpgradeCadence": "string",
"clusterUpgradeMode": "string",
"ddosProtectionPlanId": "string",
"dnsName": "string",
"enableAutoOSUpgrade": "bool",
"enableIpv6": "bool",
"enableServicePublicIP": "bool",
"fabricSettings": [
{
"name": "string",
"parameters": [
{
"name": "string",
"value": "string"
}
]
}
],
"httpGatewayConnectionPort": "int",
"ipTags": [
{
"ipTagType": "string",
"tag": "string"
}
],
"loadBalancingRules": [
{
"backendPort": "int",
"frontendPort": "int",
"loadDistribution": "string",
"probePort": "int",
"probeProtocol": "string",
"probeRequestPath": "string",
"protocol": "string"
}
],
"networkSecurityRules": [
{
"access": "string",
"description": "string",
"destinationAddressPrefix": "string",
"destinationAddressPrefixes": [ "string" ],
"destinationPortRange": "string",
"destinationPortRanges": [ "string" ],
"direction": "string",
"name": "string",
"priority": "int",
"protocol": "string",
"sourceAddressPrefix": "string",
"sourceAddressPrefixes": [ "string" ],
"sourcePortRange": "string",
"sourcePortRanges": [ "string" ]
}
],
"publicIPPrefixId": "string",
"serviceEndpoints": [
{
"locations": [ "string" ],
"service": "string"
}
],
"subnetId": "string",
"useCustomVnet": "bool",
"zonalResiliency": "bool",
"zonalUpdateMode": "string"
},
"sku": {
"name": "string"
},
"tags": {
"{customized property}": "string"
}
}
Property values
ApplicationTypeVersionsCleanupPolicy
Name | Description | Value |
---|---|---|
maxUnusedVersionsToKeep | Number of unused versions per application type to keep. | int Constraints: Min value = 0 (required) |
AzureActiveDirectory
Name | Description | Value |
---|---|---|
clientApplication | Azure active directory client application id. | string |
clusterApplication | Azure active directory cluster application id. | string |
tenantId | Azure active directory tenant id. | string |
ClientCertificate
Name | Description | Value |
---|---|---|
commonName | Certificate common name. | string |
isAdmin | Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster. | bool (required) |
issuerThumbprint | Issuer thumbprint for the certificate. Only used together with CommonName. | string |
thumbprint | Certificate thumbprint. | string |
IPTag
Name | Description | Value |
---|---|---|
ipTagType | The IP tag type. | string (required) |
tag | The value of the IP tag. | string (required) |
LoadBalancingRule
Name | Description | Value |
---|---|---|
backendPort | The port used for internal connections on the endpoint. Acceptable values are between 1 and 65535. | int Constraints: Min value = 1 Max value = 65534 (required) |
frontendPort | The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values are between 1 and 65534. | int Constraints: Min value = 1 Max value = 65534 (required) |
loadDistribution | The load distribution policy for this rule. | string |
probePort | The prob port used by the load balancing rule. Acceptable values are between 1 and 65535. | int Constraints: Min value = 1 Max value = 65534 |
probeProtocol | the reference to the load balancer probe used by the load balancing rule. | 'http' 'https' 'tcp' (required) |
probeRequestPath | The probe request path. Only supported for HTTP/HTTPS probes. | string |
protocol | The reference to the transport protocol used by the load balancing rule. | 'tcp' 'udp' (required) |
ManagedClusterProperties
Name | Description | Value |
---|---|---|
addonFeatures | List of add-on features to enable on the cluster. | String array containing any of: 'BackupRestoreService' 'DnsService' 'ResourceMonitorService' |
adminPassword | VM admin user password. | string Constraints: Sensitive value. Pass in as a secure parameter. |
adminUserName | VM admin user name. | string (required) |
allowRdpAccess | Setting this to true enables RDP access to the VM. The default NSG rule opens RDP port to Internet which can be overridden with custom Network Security Rules. The default value for this setting is false. | bool |
applicationTypeVersionsCleanupPolicy | The policy used to clean up unused versions. | ApplicationTypeVersionsCleanupPolicy |
auxiliarySubnets | Auxiliary subnets for the cluster. | Subnet[] |
azureActiveDirectory | The AAD authentication settings of the cluster. | AzureActiveDirectory |
clientConnectionPort | The port used for client connections to the cluster. | int |
clients | Client certificates that are allowed to manage the cluster. | ClientCertificate[] |
clusterCodeVersion | The Service Fabric runtime version of the cluster. This property is required when clusterUpgradeMode is set to 'Manual'. To get list of available Service Fabric versions for new clusters use ClusterVersion API. To get the list of available version for existing clusters use availableClusterVersions. | string |
clusterUpgradeCadence | Indicates when new cluster runtime version upgrades will be applied after they are released. By default is Wave0. Only applies when clusterUpgradeMode is set to 'Automatic'. | 'Wave0' 'Wave1' 'Wave2' |
clusterUpgradeMode | The upgrade mode of the cluster when new Service Fabric runtime version is available. | 'Automatic' 'Manual' |
ddosProtectionPlanId | Specify the resource id of a DDoS network protection plan that will be associated with the virtual network of the cluster. | string |
dnsName | The cluster dns name. | string (required) |
enableAutoOSUpgrade | Setting this to true enables automatic OS upgrade for the node types that are created using any platform OS image with version 'latest'. The default value for this setting is false. | bool |
enableIpv6 | Setting this to true creates IPv6 address space for the default VNet used by the cluster. This setting cannot be changed once the cluster is created. The default value for this setting is false. | bool |
enableServicePublicIP | Setting this to true will link the IPv4 address as the ServicePublicIP of the IPv6 address. It can only be set to True if IPv6 is enabled on the cluster. | bool |
fabricSettings | The list of custom fabric settings to configure the cluster. | SettingsSectionDescription[] |
httpGatewayConnectionPort | The port used for HTTP connections to the cluster. | int |
ipTags | The list of IP tags associated with the default public IP address of the cluster. | IPTag[] |
loadBalancingRules | Load balancing rules that are applied to the public load balancer of the cluster. | LoadBalancingRule[] |
networkSecurityRules | Custom Network Security Rules that are applied to the Virtual Network of the cluster. | NetworkSecurityRule[] |
publicIPPrefixId | Specify the resource id of a public IP prefix that the load balancer will allocate a public IP address from. Only supports IPv4. | string |
serviceEndpoints | Service endpoints for subnets in the cluster. | ServiceEndpoint[] |
subnetId | If specified, the node types for the cluster are created in this subnet instead of the default VNet. The networkSecurityRules specified for the cluster are also applied to this subnet. This setting cannot be changed once the cluster is created. | string |
useCustomVnet | For new clusters, this parameter indicates that it uses Bring your own VNet, but the subnet is specified at node type level; and for such clusters, the subnetId property is required for node types. | bool |
zonalResiliency | Indicates if the cluster has zone resiliency. | bool |
zonalUpdateMode | Indicates the update mode for Cross Az clusters. | 'Fast' 'Standard' |
Microsoft.ServiceFabric/managedClusters
Name | Description | Value |
---|---|---|
apiVersion | The api version | '2023-07-01-preview' |
location | Azure resource location. | string (required) |
name | The resource name | string (required) |
properties | The managed cluster resource properties | ManagedClusterProperties |
sku | The sku of the managed cluster | Sku (required) |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
type | The resource type | 'Microsoft.ServiceFabric/managedClusters' |
NetworkSecurityRule
Name | Description | Value |
---|---|---|
access | The network traffic is allowed or denied. | 'allow' 'deny' (required) |
description | Network security rule description. | string |
destinationAddressPrefix | The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string |
destinationAddressPrefixes | The destination address prefixes. CIDR or destination IP ranges. | string[] |
destinationPortRange | he destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
destinationPortRanges | The destination port ranges. | string[] |
direction | Network security rule direction. | 'inbound' 'outbound' (required) |
name | Network security rule name. | string (required) |
priority | The priority of the rule. The value can be in the range 1000 to 3000. Values outside this range are reserved for Service Fabric ManagerCluster Resource Provider. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int Constraints: Min value = 1000 Max value = 3000 (required) |
protocol | Network protocol this rule applies to. | 'ah' 'esp' 'http' 'https' 'icmp' 'tcp' 'udp' (required) |
sourceAddressPrefix | The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string |
sourceAddressPrefixes | The CIDR or source IP ranges. | string[] |
sourcePortRange | The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
sourcePortRanges | The source port ranges. | string[] |
ResourceTags
Name | Description | Value |
---|
ServiceEndpoint
Name | Description | Value |
---|---|---|
locations | A list of locations. | string[] |
service | The type of the endpoint service. | string (required) |
SettingsParameterDescription
Name | Description | Value |
---|---|---|
name | The parameter name of fabric setting. | string (required) |
value | The parameter value of fabric setting. | string (required) |
SettingsSectionDescription
Name | Description | Value |
---|---|---|
name | The section name of the fabric settings. | string (required) |
parameters | The collection of parameters in the section. | SettingsParameterDescription[] (required) |
Sku
Name | Description | Value |
---|---|---|
name | Sku Name. | 'Basic' 'Standard' (required) |
Subnet
Name | Description | Value |
---|---|---|
enableIpv6 | Indicates wether to enable Ipv6 or not. If not provided, it will take the same configuration as the cluster. | bool |
name | Subnet name. | string (required) |
networkSecurityGroupId | Full resource id for the network security group. | string |
privateEndpointNetworkPolicies | Enable or Disable apply network policies on private end point in the subnet. | 'disabled' 'enabled' |
privateLinkServiceNetworkPolicies | Enable or Disable apply network policies on private link service in the subnet. | 'disabled' 'enabled' |
Terraform (AzAPI provider) resource definition
The managedClusters resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.ServiceFabric/managedClusters resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.ServiceFabric/managedClusters@2023-07-01-preview"
name = "string"
location = "string"
body = jsonencode({
properties = {
addonFeatures = [
"string"
]
adminPassword = "string"
adminUserName = "string"
allowRdpAccess = bool
applicationTypeVersionsCleanupPolicy = {
maxUnusedVersionsToKeep = int
}
auxiliarySubnets = [
{
enableIpv6 = bool
name = "string"
networkSecurityGroupId = "string"
privateEndpointNetworkPolicies = "string"
privateLinkServiceNetworkPolicies = "string"
}
]
azureActiveDirectory = {
clientApplication = "string"
clusterApplication = "string"
tenantId = "string"
}
clientConnectionPort = int
clients = [
{
commonName = "string"
isAdmin = bool
issuerThumbprint = "string"
thumbprint = "string"
}
]
clusterCodeVersion = "string"
clusterUpgradeCadence = "string"
clusterUpgradeMode = "string"
ddosProtectionPlanId = "string"
dnsName = "string"
enableAutoOSUpgrade = bool
enableIpv6 = bool
enableServicePublicIP = bool
fabricSettings = [
{
name = "string"
parameters = [
{
name = "string"
value = "string"
}
]
}
]
httpGatewayConnectionPort = int
ipTags = [
{
ipTagType = "string"
tag = "string"
}
]
loadBalancingRules = [
{
backendPort = int
frontendPort = int
loadDistribution = "string"
probePort = int
probeProtocol = "string"
probeRequestPath = "string"
protocol = "string"
}
]
networkSecurityRules = [
{
access = "string"
description = "string"
destinationAddressPrefix = "string"
destinationAddressPrefixes = [
"string"
]
destinationPortRange = "string"
destinationPortRanges = [
"string"
]
direction = "string"
name = "string"
priority = int
protocol = "string"
sourceAddressPrefix = "string"
sourceAddressPrefixes = [
"string"
]
sourcePortRange = "string"
sourcePortRanges = [
"string"
]
}
]
publicIPPrefixId = "string"
serviceEndpoints = [
{
locations = [
"string"
]
service = "string"
}
]
subnetId = "string"
useCustomVnet = bool
zonalResiliency = bool
zonalUpdateMode = "string"
}
})
sku = {
name = "string"
}
tags = {
{customized property} = "string"
}
}
Property values
ApplicationTypeVersionsCleanupPolicy
Name | Description | Value |
---|---|---|
maxUnusedVersionsToKeep | Number of unused versions per application type to keep. | int Constraints: Min value = 0 (required) |
AzureActiveDirectory
Name | Description | Value |
---|---|---|
clientApplication | Azure active directory client application id. | string |
clusterApplication | Azure active directory cluster application id. | string |
tenantId | Azure active directory tenant id. | string |
ClientCertificate
Name | Description | Value |
---|---|---|
commonName | Certificate common name. | string |
isAdmin | Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster. | bool (required) |
issuerThumbprint | Issuer thumbprint for the certificate. Only used together with CommonName. | string |
thumbprint | Certificate thumbprint. | string |
IPTag
Name | Description | Value |
---|---|---|
ipTagType | The IP tag type. | string (required) |
tag | The value of the IP tag. | string (required) |
LoadBalancingRule
Name | Description | Value |
---|---|---|
backendPort | The port used for internal connections on the endpoint. Acceptable values are between 1 and 65535. | int Constraints: Min value = 1 Max value = 65534 (required) |
frontendPort | The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values are between 1 and 65534. | int Constraints: Min value = 1 Max value = 65534 (required) |
loadDistribution | The load distribution policy for this rule. | string |
probePort | The prob port used by the load balancing rule. Acceptable values are between 1 and 65535. | int Constraints: Min value = 1 Max value = 65534 |
probeProtocol | the reference to the load balancer probe used by the load balancing rule. | 'http' 'https' 'tcp' (required) |
probeRequestPath | The probe request path. Only supported for HTTP/HTTPS probes. | string |
protocol | The reference to the transport protocol used by the load balancing rule. | 'tcp' 'udp' (required) |
ManagedClusterProperties
Name | Description | Value |
---|---|---|
addonFeatures | List of add-on features to enable on the cluster. | String array containing any of: 'BackupRestoreService' 'DnsService' 'ResourceMonitorService' |
adminPassword | VM admin user password. | string Constraints: Sensitive value. Pass in as a secure parameter. |
adminUserName | VM admin user name. | string (required) |
allowRdpAccess | Setting this to true enables RDP access to the VM. The default NSG rule opens RDP port to Internet which can be overridden with custom Network Security Rules. The default value for this setting is false. | bool |
applicationTypeVersionsCleanupPolicy | The policy used to clean up unused versions. | ApplicationTypeVersionsCleanupPolicy |
auxiliarySubnets | Auxiliary subnets for the cluster. | Subnet[] |
azureActiveDirectory | The AAD authentication settings of the cluster. | AzureActiveDirectory |
clientConnectionPort | The port used for client connections to the cluster. | int |
clients | Client certificates that are allowed to manage the cluster. | ClientCertificate[] |
clusterCodeVersion | The Service Fabric runtime version of the cluster. This property is required when clusterUpgradeMode is set to 'Manual'. To get list of available Service Fabric versions for new clusters use ClusterVersion API. To get the list of available version for existing clusters use availableClusterVersions. | string |
clusterUpgradeCadence | Indicates when new cluster runtime version upgrades will be applied after they are released. By default is Wave0. Only applies when clusterUpgradeMode is set to 'Automatic'. | 'Wave0' 'Wave1' 'Wave2' |
clusterUpgradeMode | The upgrade mode of the cluster when new Service Fabric runtime version is available. | 'Automatic' 'Manual' |
ddosProtectionPlanId | Specify the resource id of a DDoS network protection plan that will be associated with the virtual network of the cluster. | string |
dnsName | The cluster dns name. | string (required) |
enableAutoOSUpgrade | Setting this to true enables automatic OS upgrade for the node types that are created using any platform OS image with version 'latest'. The default value for this setting is false. | bool |
enableIpv6 | Setting this to true creates IPv6 address space for the default VNet used by the cluster. This setting cannot be changed once the cluster is created. The default value for this setting is false. | bool |
enableServicePublicIP | Setting this to true will link the IPv4 address as the ServicePublicIP of the IPv6 address. It can only be set to True if IPv6 is enabled on the cluster. | bool |
fabricSettings | The list of custom fabric settings to configure the cluster. | SettingsSectionDescription[] |
httpGatewayConnectionPort | The port used for HTTP connections to the cluster. | int |
ipTags | The list of IP tags associated with the default public IP address of the cluster. | IPTag[] |
loadBalancingRules | Load balancing rules that are applied to the public load balancer of the cluster. | LoadBalancingRule[] |
networkSecurityRules | Custom Network Security Rules that are applied to the Virtual Network of the cluster. | NetworkSecurityRule[] |
publicIPPrefixId | Specify the resource id of a public IP prefix that the load balancer will allocate a public IP address from. Only supports IPv4. | string |
serviceEndpoints | Service endpoints for subnets in the cluster. | ServiceEndpoint[] |
subnetId | If specified, the node types for the cluster are created in this subnet instead of the default VNet. The networkSecurityRules specified for the cluster are also applied to this subnet. This setting cannot be changed once the cluster is created. | string |
useCustomVnet | For new clusters, this parameter indicates that it uses Bring your own VNet, but the subnet is specified at node type level; and for such clusters, the subnetId property is required for node types. | bool |
zonalResiliency | Indicates if the cluster has zone resiliency. | bool |
zonalUpdateMode | Indicates the update mode for Cross Az clusters. | 'Fast' 'Standard' |
Microsoft.ServiceFabric/managedClusters
Name | Description | Value |
---|---|---|
location | Azure resource location. | string (required) |
name | The resource name | string (required) |
properties | The managed cluster resource properties | ManagedClusterProperties |
sku | The sku of the managed cluster | Sku (required) |
tags | Resource tags | Dictionary of tag names and values. |
type | The resource type | "Microsoft.ServiceFabric/managedClusters@2023-07-01-preview" |
NetworkSecurityRule
Name | Description | Value |
---|---|---|
access | The network traffic is allowed or denied. | 'allow' 'deny' (required) |
description | Network security rule description. | string |
destinationAddressPrefix | The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string |
destinationAddressPrefixes | The destination address prefixes. CIDR or destination IP ranges. | string[] |
destinationPortRange | he destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
destinationPortRanges | The destination port ranges. | string[] |
direction | Network security rule direction. | 'inbound' 'outbound' (required) |
name | Network security rule name. | string (required) |
priority | The priority of the rule. The value can be in the range 1000 to 3000. Values outside this range are reserved for Service Fabric ManagerCluster Resource Provider. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int Constraints: Min value = 1000 Max value = 3000 (required) |
protocol | Network protocol this rule applies to. | 'ah' 'esp' 'http' 'https' 'icmp' 'tcp' 'udp' (required) |
sourceAddressPrefix | The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string |
sourceAddressPrefixes | The CIDR or source IP ranges. | string[] |
sourcePortRange | The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
sourcePortRanges | The source port ranges. | string[] |
ResourceTags
Name | Description | Value |
---|
ServiceEndpoint
Name | Description | Value |
---|---|---|
locations | A list of locations. | string[] |
service | The type of the endpoint service. | string (required) |
SettingsParameterDescription
Name | Description | Value |
---|---|---|
name | The parameter name of fabric setting. | string (required) |
value | The parameter value of fabric setting. | string (required) |
SettingsSectionDescription
Name | Description | Value |
---|---|---|
name | The section name of the fabric settings. | string (required) |
parameters | The collection of parameters in the section. | SettingsParameterDescription[] (required) |
Sku
Name | Description | Value |
---|---|---|
name | Sku Name. | 'Basic' 'Standard' (required) |
Subnet
Name | Description | Value |
---|---|---|
enableIpv6 | Indicates wether to enable Ipv6 or not. If not provided, it will take the same configuration as the cluster. | bool |
name | Subnet name. | string (required) |
networkSecurityGroupId | Full resource id for the network security group. | string |
privateEndpointNetworkPolicies | Enable or Disable apply network policies on private end point in the subnet. | 'disabled' 'enabled' |
privateLinkServiceNetworkPolicies | Enable or Disable apply network policies on private link service in the subnet. | 'disabled' 'enabled' |