diff --git a/src/aks-preview/HISTORY.rst b/src/aks-preview/HISTORY.rst index 038194b61fd..6717815ac2b 100644 --- a/src/aks-preview/HISTORY.rst +++ b/src/aks-preview/HISTORY.rst @@ -13,6 +13,10 @@ Pending +++++++ * Vendor new SDK and bump API version to 2023-04-02-preview. +0.5.140 ++++++++ +* Allow options for specifying guardrails profile arguments + 0.5.139 * `az aks create` and `az aks nodepool add`: Add warning message when specifying `--os-sku` to `Mariner` or `CBLMariner`. diff --git a/src/aks-preview/azext_aks_preview/_consts.py b/src/aks-preview/azext_aks_preview/_consts.py index 6b59c6e6acc..3a0289d12d5 100644 --- a/src/aks-preview/azext_aks_preview/_consts.py +++ b/src/aks-preview/azext_aks_preview/_consts.py @@ -250,6 +250,11 @@ CONST_AUTOUPGRADE_CONFIGURATION_NAME = "aksManagedAutoUpgradeSchedule" CONST_NODEOSUPGRADE_CONFIGURATION_NAME = "aksManagedNodeOSUpgradeSchedule" +# Guardrails Level Consts +CONST_GUARDRAILSLEVEL_OFF = "Off" +CONST_GUARDRAILSLEVEL_WARNING = "Warning" +CONST_GUARDRAILSLEVEL_ENFORCEMENT = "Enforcement" + CONST_AZURE_SERVICE_MESH_MODE_DISABLED = "Disabled" CONST_AZURE_SERVICE_MESH_MODE_ISTIO = "Istio" CONST_AZURE_SERVICE_MESH_INGRESS_MODE_EXTERNAL = "External" diff --git a/src/aks-preview/azext_aks_preview/_help.py b/src/aks-preview/azext_aks_preview/_help.py index 7e9dd0f28b6..7290d473a8d 100644 --- a/src/aks-preview/azext_aks_preview/_help.py +++ b/src/aks-preview/azext_aks_preview/_help.py @@ -186,7 +186,7 @@ If monitoring addon is enabled --no-wait argument will have no effect virtual-node - enable AKS Virtual Node. Requires --aci-subnet-name to provide the name of an existing subnet for the Virtual Node to use. aci-subnet-name must be in the same vnet which is specified by --vnet-subnet-id (required as well). - azure-policy - enable Azure policy. The Azure Policy add-on for AKS enables at-scale enforcements and safeguards on your clusters in a centralized, consistent manner. + azure-policy - enable Azure policy. The Azure Policy add-on for AKS enables at-scale enforcements and safeguards on your clusters in a centralized, consistent manner. Required if enabling Guardrails Learn more at aka.ms/aks/policy. ingress-appgw - enable Application Gateway Ingress Controller addon (PREVIEW). confcom - enable confcom addon, this will enable SGX device plugin by default(PREVIEW). @@ -525,6 +525,15 @@ - name: --node-public-ip-tags type: string short-summary: The ipTags of the node public IPs. + - name: --guardrails-level + type: string + short-summary: The Guardrails Level. Accepted Values are [Off, Warning]. Requires azure policy addon to be enabled + - name: --guardrails-version + type: string + short-summary: The version of Guardrails to use. Default "v1.0.0" Use the ListGuardrailsVersions API to discover available versions + - name: --guardrails-excluded-ns + type: string + short-summary: Comma-separated list of Kubernetes namespaces to exclude from Guardrails - name: --enable-asm --enable-azure-service-mesh type: bool short-summary: Enable Azure Service Mesh. @@ -611,6 +620,10 @@ text: az aks create -g MyResourceGroup -n MyManagedCluster --network-plugin none - name: Create a kubernetes cluster with Custom CA Trust enabled. text: az aks create -g MyResourceGroup -n MyManagedCluster --enable-custom-ca-trust + - name: Create a kubernetes cluster with guardrails set to "Warning" + text: az aks create -g MyResourceGroup -n MyManagedCluster --guardrails-level Warning --enable-addons azure-policy + - name: Create a kubernetes cluster with guardrails set to "Warning" and some namespaces excluded + text: az aks create -g MyResourceGroup -n MyManagedCluster --guardrails-level Warning --guardrails-excluded-ns ns1,ns2 --enable-addons azure-policy - name: Create a kubernetes cluster with Azure Service Mesh enabled. text: az aks create -g MyResourceGroup -n MyManagedCluster --enable-azure-service-mesh - name: Create a kubernetes cluster with Azure Monitor Metrics enabled. @@ -1000,6 +1013,15 @@ type: string short-summary: Path to a file containing up to 10 blank line separated certificates. Only valid for linux nodes. long-summary: These certificates are used by Custom CA Trust features and will be added to trust stores of nodes. Requires Custom CA Trust to be enabled on the node. + - name: --guardrails-level + type: string + short-summary: The Guardrails Level. Accepted Values are [Off, Warning]. Requires azure policy addon to be enabled + - name: --guardrails-version + type: string + short-summary: The version of Guardrails to use. Default "v1.0.0" Use the ListGuardrailsVersions API to discover available versions + - name: --guardrails-excluded-ns + type: string + short-summary: Comma-separated list of Kubernetes namespaces to exclude from Guardrails. Use "" to clear a previously non-empty list examples: - name: Reconcile the cluster back to its current state. text: az aks update -g MyResourceGroup -n MyManagedCluster @@ -1059,6 +1081,12 @@ text: az aks update -g MyResourceGroup -n MyManagedCluster --enable-windows-gmsa --gmsa-dns-server "10.240.0.4" --gmsa-root-domain-name "contoso.com" - name: Update a existing managed cluster to a managed cluster snapshot. text: az aks update -g MyResourceGroup -n MyManagedCluster --cluster-snapshot-id "/subscriptions/00000/resourceGroups/AnotherResourceGroup/providers/Microsoft.ContainerService/managedclustersnapshots/mysnapshot1" + - name: Update a kubernetes cluster with guardrails set to "Warning". Assumes azure policy addon is already enabled + text: az aks update -g MyResourceGroup -n MyManagedCluster --guardrails-level Warning + - name: Update a kubernetes cluster with guardrails set to "Warning" and some namespaces excluded. Assumes azure policy addon is already enabled + text: az aks update -g MyResourceGroup -n MyManagedCluster --guardrails-level Warning --guardrails-excluded-ns ns1,ns2 + - name: Update a kubernetes cluster to clear any namespaces excluded from guardrails. Assumes azure policy addon is already enabled + text: az aks update -g MyResourceGroup -n MyManagedCluster --guardrails-excluded-ns "" """ helps['aks kollect'] = """ diff --git a/src/aks-preview/azext_aks_preview/_helpers.py b/src/aks-preview/azext_aks_preview/_helpers.py index 321dc29b04b..3d6995ad24a 100644 --- a/src/aks-preview/azext_aks_preview/_helpers.py +++ b/src/aks-preview/azext_aks_preview/_helpers.py @@ -19,6 +19,10 @@ from azext_aks_preview._client_factory import get_nodepool_snapshots_client, get_mc_snapshots_client +from azure.cli.command_modules.acs._validators import ( + extract_comma_separated_string, +) + logger = get_logger(__name__) # type variables @@ -282,3 +286,17 @@ def check_is_apiserver_vnet_integration_cluster(mc: ManagedCluster) -> bool: if mc and mc.api_server_access_profile: return bool(mc.api_server_access_profile.enable_vnet_integration) return False + + +def setup_common_guardrails_profile(level, version, excludedNamespaces, mc: ManagedCluster, models) -> ManagedCluster: + if (level is not None or version is not None or excludedNamespaces is not None) and mc.guardrails_profile is None: + mc.guardrails_profile = models.GuardrailsProfile( + level=level, + version=version + ) + # replace values with provided values + if excludedNamespaces is not None: + mc.guardrails_profile.excluded_namespaces = extract_comma_separated_string( + excludedNamespaces, enable_strip=True, keep_none=True, default_value=[]) + + return mc diff --git a/src/aks-preview/azext_aks_preview/_params.py b/src/aks-preview/azext_aks_preview/_params.py index e0655df8c22..8b599b1c965 100644 --- a/src/aks-preview/azext_aks_preview/_params.py +++ b/src/aks-preview/azext_aks_preview/_params.py @@ -75,6 +75,11 @@ CONST_WEEKINDEX_FIRST, CONST_WEEKINDEX_FOURTH, CONST_WEEKINDEX_LAST, + CONST_GUARDRAILSLEVEL_OFF, + CONST_GUARDRAILSLEVEL_WARNING, + CONST_GUARDRAILSLEVEL_ENFORCEMENT, + CONST_AZURE_SERVICE_MESH_INGRESS_MODE_EXTERNAL, + CONST_AZURE_SERVICE_MESH_INGRESS_MODE_INTERNAL, CONST_WEEKINDEX_SECOND, CONST_WEEKINDEX_THIRD, CONST_WEEKLY_MAINTENANCE_SCHEDULE, @@ -230,6 +235,13 @@ keyvault_network_access_types = [CONST_AZURE_KEYVAULT_NETWORK_ACCESS_PUBLIC, CONST_AZURE_KEYVAULT_NETWORK_ACCESS_PRIVATE] +# consts for guardrails level +guardrails_levels = [ + CONST_GUARDRAILSLEVEL_OFF, + CONST_GUARDRAILSLEVEL_WARNING, + CONST_GUARDRAILSLEVEL_ENFORCEMENT +] + # azure service mesh ingress_gateway_types = [ CONST_AZURE_SERVICE_MESH_INGRESS_MODE_EXTERNAL, @@ -417,6 +429,10 @@ def load_arguments(self, _): c.argument('nodepool_asg_ids', validator=validate_application_security_groups, is_preview=True, help="application security groups for agentpool") c.argument('node_public_ip_tags', arg_type=tags_type, validator=validate_node_public_ip_tags, help='space-separated tags: key[=value] [key[=value] ...].') + c.argument('guardrails_level', arg_type=get_enum_type(guardrails_levels), is_preview=True) + c.argument('guardrails_version', type=str, + help='The guardrails version', is_preview=True) + c.argument('guardrails_excluded_ns', type=str, is_preview=True) # azure monitor profile c.argument('enable_azuremonitormetrics', action='store_true') c.argument('azure_monitor_workspace_resource_id', validator=validate_azuremonitorworkspaceresourceid) @@ -538,6 +554,9 @@ def load_arguments(self, _): c.argument('disable_vpa', action='store_true', is_preview=True, help="disable vertical pod autoscaler for cluster") c.argument('cluster_snapshot_id', validator=validate_cluster_snapshot_id, is_preview=True) c.argument('custom_ca_trust_certificates', options_list=["--custom-ca-trust-certificates", "--ca-certs"], validator=validate_custom_ca_trust_certificates, is_preview=True, help="path to file containing list of new line separated CAs") + c.argument('guardrails_level', arg_type=get_enum_type(guardrails_levels), is_preview=True) + c.argument('guardrails_version', help='The guardrails version', is_preview=True) + c.argument('guardrails_excluded_ns', is_preview=True) with self.argument_context('aks upgrade') as c: c.argument('kubernetes_version', completer=get_k8s_upgrades_completion_list) diff --git a/src/aks-preview/azext_aks_preview/custom.py b/src/aks-preview/azext_aks_preview/custom.py index 82eecb6a694..a2c10309aca 100644 --- a/src/aks-preview/azext_aks_preview/custom.py +++ b/src/aks-preview/azext_aks_preview/custom.py @@ -573,6 +573,10 @@ def aks_create( nodepool_allowed_host_ports=None, nodepool_asg_ids=None, node_public_ip_tags=None, + # guardrails parameters + guardrails_level=None, + guardrails_version=None, + guardrails_excluded_ns=None, # azure service mesh enable_azure_service_mesh=None, # azure monitor profile @@ -736,6 +740,10 @@ def aks_update( disable_vpa=False, cluster_snapshot_id=None, custom_ca_trust_certificates=None, + # guardrails parameters + guardrails_level=None, + guardrails_version=None, + guardrails_excluded_ns=None, ): # DO NOT MOVE: get all the original parameters and save them as a dictionary raw_parameters = locals() diff --git a/src/aks-preview/azext_aks_preview/managed_cluster_decorator.py b/src/aks-preview/azext_aks_preview/managed_cluster_decorator.py index 5aee917b718..b29d2e9a48a 100644 --- a/src/aks-preview/azext_aks_preview/managed_cluster_decorator.py +++ b/src/aks-preview/azext_aks_preview/managed_cluster_decorator.py @@ -67,6 +67,7 @@ check_is_private_cluster, check_is_apiserver_vnet_integration_cluster, get_cluster_snapshot_by_snapshot_id, + setup_common_guardrails_profile ) from azext_aks_preview._loadbalancer import create_load_balancer_profile from azext_aks_preview._loadbalancer import ( @@ -162,6 +163,15 @@ def external_functions(self) -> SimpleNamespace: self.__external_functions = SimpleNamespace(**external_functions) return self.__external_functions + def get_guardrails_level(self) -> Union[str, None]: + return self.raw_param.get("guardrails_level") + + def get_guardrails_excluded_namespaces(self) -> Union[str, None]: + return self.raw_param.get("guardrails_excluded_ns") + + def get_guardrails_version(self) -> Union[str, None]: + return self.raw_param.get("guardrails_version") + # pylint: disable=no-self-use def __validate_pod_identity_with_kubenet(self, mc, enable_pod_identity, enable_pod_identity_with_kubenet): """Helper function to check the validity of serveral pod identity related parameters. @@ -2654,6 +2664,14 @@ def set_up_auto_upgrade_profile(self, mc: ManagedCluster) -> ManagedCluster: mc.auto_upgrade_profile.node_os_upgrade_channel = node_os_upgrade_channel return mc + def set_up_guardrails_profile(self, mc: ManagedCluster) -> ManagedCluster: + excludedNamespaces = self.context.get_guardrails_excluded_namespaces() + version = self.context.get_guardrails_version() + level = self.context.get_guardrails_level() + # provided any value? + mc = setup_common_guardrails_profile(level, version, excludedNamespaces, mc, self.models) + return mc + def set_up_azure_service_mesh_profile(self, mc: ManagedCluster) -> ManagedCluster: """Set up azure service mesh for the ManagedCluster object. @@ -2720,6 +2738,8 @@ def construct_mc_profile_preview(self, bypass_restore_defaults: bool = False) -> mc = self.set_up_node_resource_group_profile(mc) # set up auto upgrade profile mc = self.set_up_auto_upgrade_profile(mc) + # set up guardrails profile + mc = self.set_up_guardrails_profile(mc) # set up azure service mesh profile mc = self.set_up_azure_service_mesh_profile(mc) # set up azure monitor profile @@ -3436,6 +3456,26 @@ def update_auto_upgrade_profile(self, mc: ManagedCluster) -> ManagedCluster: mc.auto_upgrade_profile.node_os_upgrade_channel = node_os_upgrade_channel return mc + def update_guardrails_profile(self, mc: ManagedCluster) -> ManagedCluster: + """Update guardrails profile for the ManagedCluster object + :return: the ManagedCluster object + """ + + self._ensure_mc(mc) + + excludedNamespaces = self.context.get_guardrails_excluded_namespaces() + version = self.context.get_guardrails_version() + level = self.context.get_guardrails_level() + + mc = setup_common_guardrails_profile(level, version, excludedNamespaces, mc, self.models) + + if level is not None: + mc.guardrails_profile.level = level + if version is not None: + mc.guardrails_profile.version = version + + return mc + def update_azure_service_mesh_profile(self, mc: ManagedCluster) -> ManagedCluster: """Update azure service mesh profile for the ManagedCluster object. """ @@ -3561,6 +3601,8 @@ def update_mc_profile_preview(self) -> ManagedCluster: mc = self.update_node_resource_group_profile(mc) # update auto upgrade profile mc = self.update_auto_upgrade_profile(mc) + # update guardrails_profile + mc = self.update_guardrails_profile(mc) # update auto upgrade profile mc = self.update_upgrade_settings(mc) diff --git a/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_aks_create_with_guardrails.yaml b/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_aks_create_with_guardrails.yaml new file mode 100644 index 00000000000..f44ba1102d3 --- /dev/null +++ b/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_aks_create_with_guardrails.yaml @@ -0,0 +1,838 @@ +interactions: +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2023-04-02-preview + response: + body: + string: '{"error":{"code":"ResourceNotFound","message":"The Resource ''Microsoft.ContainerService/managedClusters/cliakstest000002'' + under resource group ''clitest000001'' was not found. For more details please + go to https://aka.ms/ARMResourceNotFoundFix"}}' + headers: + cache-control: + - no-cache + content-length: + - '244' + content-type: + - application/json; charset=utf-8 + date: + - Fri, 26 May 2023 14:26:25 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-failure-cause: + - gateway + status: + code: 404 + message: Not Found +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-resource/22.0.0 Python/3.8.10 (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001?api-version=2022-09-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001","name":"clitest000001","type":"Microsoft.Resources/resourceGroups","location":"westus2","tags":{"product":"azurecli","cause":"automation","test":"test_aks_create_with_guardrails","date":"2023-05-26T14:26:23Z","module":"aks-preview"},"properties":{"provisioningState":"Succeeded"}}' + headers: + cache-control: + - no-cache + content-length: + - '369' + content-type: + - application/json; charset=utf-8 + date: + - Fri, 26 May 2023 14:26:25 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"location": "westus2", "identity": {"type": "SystemAssigned"}, "properties": + {"kubernetesVersion": "", "dnsPrefix": "cliakstest-clitest2kqp4yqvi-79a739", + "agentPoolProfiles": [{"count": 3, "vmSize": "Standard_DS2_v2", "osDiskSizeGB": + 0, "workloadRuntime": "OCIContainer", "osType": "Linux", "enableAutoScaling": + false, "type": "VirtualMachineScaleSets", "mode": "System", "orchestratorVersion": + "", "upgradeSettings": {}, "enableNodePublicIP": false, "enableCustomCATrust": + false, "scaleSetPriority": "Regular", "scaleSetEvictionPolicy": "Delete", "spotMaxPrice": + -1.0, "nodeTaints": [], "enableEncryptionAtHost": false, "enableUltraSSD": false, + "enableFIPS": false, "networkProfile": {}, "name": "nodepool1"}], "linuxProfile": + {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCf9g3FbYA7YtMBxMqO0yWh9pIzUTZb2cDLPjPnR+TrezzTiMk8OrEHQDZurqQtf+E5r/qmvqVJKrkSNU2g4OOgFOQd7JAiDfxzWL967E4tx0avDUd/TaekUsP981tYkLDSUWEh6p5oVjh3ce4ngo++6XDX9IDAT/S8wReNmlAsuKlB8jEUeeSr/6lhFddi3d0lCsAQ7hY7f2emMM7UTf+89ioNSUztW86qQXeEUwSNJVDofHY5gWBKnHQVJxrKXLzQWlYd2pbB6AxE/V3lJEBPhIwpn3PycAzFafNXW0OacNfoke5nSxQxzSgo0VxiB1RUwBq6wQMisMv/12MZqjoN + azcli_aks_live_test@example.com\n"}]}}, "addonProfiles": {"azurepolicy": {"enabled": + true}}, "enableRBAC": true, "enablePodSecurityPolicy": false, "networkProfile": + {"networkPlugin": "kubenet", "podCidr": "10.244.0.0/16", "serviceCidr": "10.0.0.0/16", + "dnsServiceIP": "10.0.0.10", "outboundType": "loadBalancer", "loadBalancerSku": + "standard"}, "disableLocalAccounts": false, "storageProfile": {}, "guardrailsProfile": + {"version": "v1.0.0", "level": "Warning"}}}' + headers: + AKSHTTPCustomFeatures: + - Microsoft.ContainerService/GuardrailsPreview + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + Content-Length: + - '1639' + Content-Type: + - application/json + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2023-04-02-preview + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002\",\n + \ \"location\": \"westus2\",\n \"name\": \"cliakstest000002\",\n \"type\": + \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\": {\n \"provisioningState\": + \"Creating\",\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"kubernetesVersion\": + \"1.25.6\",\n \"currentKubernetesVersion\": \"1.25.6\",\n \"dnsPrefix\": + \"cliakstest-clitest2kqp4yqvi-79a739\",\n \"fqdn\": \"cliakstest-clitest2kqp4yqvi-79a739-nducrbx4.hcp.westus2.azmk8s.io\",\n + \ \"azurePortalFQDN\": \"cliakstest-clitest2kqp4yqvi-79a739-nducrbx4.portal.hcp.westus2.azmk8s.io\",\n + \ \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \"count\": + 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\": 128,\n \"osDiskType\": + \"Managed\",\n \"kubeletDiskType\": \"OS\",\n \"workloadRuntime\": + \"OCIContainer\",\n \"maxPods\": 110,\n \"type\": \"VirtualMachineScaleSets\",\n + \ \"enableAutoScaling\": false,\n \"provisioningState\": \"Creating\",\n + \ \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\": + \"1.25.6\",\n \"currentOrchestratorVersion\": \"1.25.6\",\n \"enableNodePublicIP\": + false,\n \"enableCustomCATrust\": false,\n \"mode\": \"System\",\n + \ \"enableEncryptionAtHost\": false,\n \"enableUltraSSD\": false,\n + \ \"osType\": \"Linux\",\n \"osSKU\": \"Ubuntu\",\n \"nodeImageVersion\": + \"AKSUbuntu-2204gen2containerd-202305.15.0\",\n \"upgradeSettings\": {},\n + \ \"enableFIPS\": false,\n \"networkProfile\": {}\n }\n ],\n \"linuxProfile\": + {\n \"adminUsername\": \"azureuser\",\n \"ssh\": {\n \"publicKeys\": + [\n {\n \"keyData\": \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCf9g3FbYA7YtMBxMqO0yWh9pIzUTZb2cDLPjPnR+TrezzTiMk8OrEHQDZurqQtf+E5r/qmvqVJKrkSNU2g4OOgFOQd7JAiDfxzWL967E4tx0avDUd/TaekUsP981tYkLDSUWEh6p5oVjh3ce4ngo++6XDX9IDAT/S8wReNmlAsuKlB8jEUeeSr/6lhFddi3d0lCsAQ7hY7f2emMM7UTf+89ioNSUztW86qQXeEUwSNJVDofHY5gWBKnHQVJxrKXLzQWlYd2pbB6AxE/V3lJEBPhIwpn3PycAzFafNXW0OacNfoke5nSxQxzSgo0VxiB1RUwBq6wQMisMv/12MZqjoN + azcli_aks_live_test@example.com\\n\"\n }\n ]\n }\n },\n \"servicePrincipalProfile\": + {\n \"clientId\":\"00000000-0000-0000-0000-000000000001\"\n },\n \"addonProfiles\": + {\n \"azurepolicy\": {\n \"enabled\": true,\n \"config\": null\n + \ }\n },\n \"nodeResourceGroup\": \"MC_clitest000001_cliakstest000002_westus2\",\n + \ \"enableRBAC\": true,\n \"enablePodSecurityPolicy\": false,\n \"supportPlan\": + \"KubernetesOfficial\",\n \"networkProfile\": {\n \"networkPlugin\": + \"kubenet\",\n \"loadBalancerSku\": \"standard\",\n \"loadBalancerProfile\": + {\n \"managedOutboundIPs\": {\n \"count\": 1\n },\n \"backendPoolType\": + \"nodeIPConfiguration\"\n },\n \"podCidr\": \"10.244.0.0/16\",\n \"serviceCidr\": + \"10.0.0.0/16\",\n \"dnsServiceIP\": \"10.0.0.10\",\n \"outboundType\": + \"loadBalancer\",\n \"podCidrs\": [\n \"10.244.0.0/16\"\n ],\n \"serviceCidrs\": + [\n \"10.0.0.0/16\"\n ],\n \"ipFamilies\": [\n \"IPv4\"\n ]\n + \ },\n \"maxAgentPools\": 100,\n \"disableLocalAccounts\": false,\n \"securityProfile\": + {},\n \"storageProfile\": {\n \"diskCSIDriver\": {\n \"enabled\": + true,\n \"version\": \"v1\"\n },\n \"fileCSIDriver\": {\n \"enabled\": + true\n },\n \"snapshotController\": {\n \"enabled\": true\n }\n + \ },\n \"oidcIssuerProfile\": {\n \"enabled\": false\n },\n \"guardrailsProfile\": + {\n \"level\": \"Warning\",\n \"version\": \"v1.0.0\",\n \"systemExcludedNamespaces\": + [\n \"kube-system\",\n \"calico-system\",\n \"tigera-system\",\n + \ \"gatekeeper-system\"\n ]\n },\n \"workloadAutoScalerProfile\": + {}\n },\n \"identity\": {\n \"type\": \"SystemAssigned\",\n \"principalId\":\"00000000-0000-0000-0000-000000000001\",\n + \ \"tenantId\": \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\n },\n \"sku\": + {\n \"name\": \"Base\",\n \"tier\": \"Free\"\n }\n }" + headers: + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/210e66ce-4ce5-4920-a3af-0b7dda9a127c?api-version=2016-03-30 + cache-control: + - no-cache + content-length: + - '3782' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:26:32 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/210e66ce-4ce5-4920-a3af-0b7dda9a127c?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"ce660e21-e54c-2049-a3af-0b7dda9a127c\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:31.8199948Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:26:32 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/210e66ce-4ce5-4920-a3af-0b7dda9a127c?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"ce660e21-e54c-2049-a3af-0b7dda9a127c\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:31.8199948Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:27:02 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/210e66ce-4ce5-4920-a3af-0b7dda9a127c?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"ce660e21-e54c-2049-a3af-0b7dda9a127c\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:31.8199948Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:27:32 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/210e66ce-4ce5-4920-a3af-0b7dda9a127c?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"ce660e21-e54c-2049-a3af-0b7dda9a127c\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:31.8199948Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:28:02 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/210e66ce-4ce5-4920-a3af-0b7dda9a127c?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"ce660e21-e54c-2049-a3af-0b7dda9a127c\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:31.8199948Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:28:32 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/210e66ce-4ce5-4920-a3af-0b7dda9a127c?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"ce660e21-e54c-2049-a3af-0b7dda9a127c\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:31.8199948Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:29:02 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/210e66ce-4ce5-4920-a3af-0b7dda9a127c?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"ce660e21-e54c-2049-a3af-0b7dda9a127c\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:31.8199948Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:29:32 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/210e66ce-4ce5-4920-a3af-0b7dda9a127c?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"ce660e21-e54c-2049-a3af-0b7dda9a127c\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:31.8199948Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:30:02 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/210e66ce-4ce5-4920-a3af-0b7dda9a127c?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"ce660e21-e54c-2049-a3af-0b7dda9a127c\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:31.8199948Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:30:33 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/210e66ce-4ce5-4920-a3af-0b7dda9a127c?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"ce660e21-e54c-2049-a3af-0b7dda9a127c\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:31.8199948Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:31:03 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/210e66ce-4ce5-4920-a3af-0b7dda9a127c?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"ce660e21-e54c-2049-a3af-0b7dda9a127c\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:31.8199948Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:31:33 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/210e66ce-4ce5-4920-a3af-0b7dda9a127c?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"ce660e21-e54c-2049-a3af-0b7dda9a127c\",\n \"status\": + \"Succeeded\",\n \"startTime\": \"2023-05-26T14:26:31.8199948Z\",\n \"endTime\": + \"2023-05-26T14:31:58.6871185Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '170' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:32:04 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --enable-addons + --ssh-key-value --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2023-04-02-preview + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002\",\n + \ \"location\": \"westus2\",\n \"name\": \"cliakstest000002\",\n \"type\": + \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\": {\n \"provisioningState\": + \"Succeeded\",\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"kubernetesVersion\": + \"1.25.6\",\n \"currentKubernetesVersion\": \"1.25.6\",\n \"dnsPrefix\": + \"cliakstest-clitest2kqp4yqvi-79a739\",\n \"fqdn\": \"cliakstest-clitest2kqp4yqvi-79a739-nducrbx4.hcp.westus2.azmk8s.io\",\n + \ \"azurePortalFQDN\": \"cliakstest-clitest2kqp4yqvi-79a739-nducrbx4.portal.hcp.westus2.azmk8s.io\",\n + \ \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \"count\": + 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\": 128,\n \"osDiskType\": + \"Managed\",\n \"kubeletDiskType\": \"OS\",\n \"workloadRuntime\": + \"OCIContainer\",\n \"maxPods\": 110,\n \"type\": \"VirtualMachineScaleSets\",\n + \ \"enableAutoScaling\": false,\n \"provisioningState\": \"Succeeded\",\n + \ \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\": + \"1.25.6\",\n \"currentOrchestratorVersion\": \"1.25.6\",\n \"enableNodePublicIP\": + false,\n \"enableCustomCATrust\": false,\n \"mode\": \"System\",\n + \ \"enableEncryptionAtHost\": false,\n \"enableUltraSSD\": false,\n + \ \"osType\": \"Linux\",\n \"osSKU\": \"Ubuntu\",\n \"nodeImageVersion\": + \"AKSUbuntu-2204gen2containerd-202305.15.0\",\n \"upgradeSettings\": {},\n + \ \"enableFIPS\": false,\n \"networkProfile\": {}\n }\n ],\n \"linuxProfile\": + {\n \"adminUsername\": \"azureuser\",\n \"ssh\": {\n \"publicKeys\": + [\n {\n \"keyData\": \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCf9g3FbYA7YtMBxMqO0yWh9pIzUTZb2cDLPjPnR+TrezzTiMk8OrEHQDZurqQtf+E5r/qmvqVJKrkSNU2g4OOgFOQd7JAiDfxzWL967E4tx0avDUd/TaekUsP981tYkLDSUWEh6p5oVjh3ce4ngo++6XDX9IDAT/S8wReNmlAsuKlB8jEUeeSr/6lhFddi3d0lCsAQ7hY7f2emMM7UTf+89ioNSUztW86qQXeEUwSNJVDofHY5gWBKnHQVJxrKXLzQWlYd2pbB6AxE/V3lJEBPhIwpn3PycAzFafNXW0OacNfoke5nSxQxzSgo0VxiB1RUwBq6wQMisMv/12MZqjoN + azcli_aks_live_test@example.com\\n\"\n }\n ]\n }\n },\n \"servicePrincipalProfile\": + {\n \"clientId\":\"00000000-0000-0000-0000-000000000001\"\n },\n \"addonProfiles\": + {\n \"azurepolicy\": {\n \"enabled\": true,\n \"config\": null,\n + \ \"identity\": {\n \"resourceId\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azurepolicy-cliakstest000002\",\n + \ \"clientId\":\"00000000-0000-0000-0000-000000000001\",\n \"objectId\":\"00000000-0000-0000-0000-000000000001\"\n + \ }\n }\n },\n \"nodeResourceGroup\": \"MC_clitest000001_cliakstest000002_westus2\",\n + \ \"enableRBAC\": true,\n \"enablePodSecurityPolicy\": false,\n \"supportPlan\": + \"KubernetesOfficial\",\n \"networkProfile\": {\n \"networkPlugin\": + \"kubenet\",\n \"loadBalancerSku\": \"Standard\",\n \"loadBalancerProfile\": + {\n \"managedOutboundIPs\": {\n \"count\": 1\n },\n \"effectiveOutboundIPs\": + [\n {\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.Network/publicIPAddresses/4d01a4df-e4c3-4e9b-a584-af299c5c09ab\"\n + \ }\n ],\n \"backendPoolType\": \"nodeIPConfiguration\"\n },\n + \ \"podCidr\": \"10.244.0.0/16\",\n \"serviceCidr\": \"10.0.0.0/16\",\n + \ \"dnsServiceIP\": \"10.0.0.10\",\n \"outboundType\": \"loadBalancer\",\n + \ \"podCidrs\": [\n \"10.244.0.0/16\"\n ],\n \"serviceCidrs\": + [\n \"10.0.0.0/16\"\n ],\n \"ipFamilies\": [\n \"IPv4\"\n ]\n + \ },\n \"maxAgentPools\": 100,\n \"identityProfile\": {\n \"kubeletidentity\": + {\n \"resourceId\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.ManagedIdentity/userAssignedIdentities/cliakstest000002-agentpool\",\n + \ \"clientId\":\"00000000-0000-0000-0000-000000000001\",\n \"objectId\":\"00000000-0000-0000-0000-000000000001\"\n + \ }\n },\n \"disableLocalAccounts\": false,\n \"securityProfile\": + {},\n \"storageProfile\": {\n \"diskCSIDriver\": {\n \"enabled\": + true,\n \"version\": \"v1\"\n },\n \"fileCSIDriver\": {\n \"enabled\": + true\n },\n \"snapshotController\": {\n \"enabled\": true\n }\n + \ },\n \"oidcIssuerProfile\": {\n \"enabled\": false\n },\n \"guardrailsProfile\": + {\n \"level\": \"Warning\",\n \"version\": \"v1.0.0\",\n \"systemExcludedNamespaces\": + [\n \"kube-system\",\n \"calico-system\",\n \"tigera-system\",\n + \ \"gatekeeper-system\"\n ]\n },\n \"workloadAutoScalerProfile\": + {}\n },\n \"identity\": {\n \"type\": \"SystemAssigned\",\n \"principalId\":\"00000000-0000-0000-0000-000000000001\",\n + \ \"tenantId\": \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\n },\n \"sku\": + {\n \"name\": \"Base\",\n \"tier\": \"Free\"\n }\n }" + headers: + cache-control: + - no-cache + content-length: + - '4795' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:32:05 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +version: 1 diff --git a/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_aks_update_with_guardrails.yaml b/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_aks_update_with_guardrails.yaml new file mode 100644 index 00000000000..511d9251c24 --- /dev/null +++ b/src/aks-preview/azext_aks_preview/tests/latest/recordings/test_aks_update_with_guardrails.yaml @@ -0,0 +1,1437 @@ +interactions: +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2023-04-02-preview + response: + body: + string: '{"error":{"code":"ResourceNotFound","message":"The Resource ''Microsoft.ContainerService/managedClusters/cliakstest000002'' + under resource group ''clitest000001'' was not found. For more details please + go to https://aka.ms/ARMResourceNotFoundFix"}}' + headers: + cache-control: + - no-cache + content-length: + - '244' + content-type: + - application/json; charset=utf-8 + date: + - Fri, 26 May 2023 14:26:24 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-failure-cause: + - gateway + status: + code: 404 + message: Not Found +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-resource/22.0.0 Python/3.8.10 (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001?api-version=2022-09-01 + response: + body: + string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001","name":"clitest000001","type":"Microsoft.Resources/resourceGroups","location":"westus2","tags":{"product":"azurecli","cause":"automation","test":"test_aks_update_with_guardrails","date":"2023-05-26T14:26:23Z","module":"aks-preview"},"properties":{"provisioningState":"Succeeded"}}' + headers: + cache-control: + - no-cache + content-length: + - '369' + content-type: + - application/json; charset=utf-8 + date: + - Fri, 26 May 2023 14:26:24 GMT + expires: + - '-1' + pragma: + - no-cache + strict-transport-security: + - max-age=31536000; includeSubDomains + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"location": "westus2", "identity": {"type": "SystemAssigned"}, "properties": + {"kubernetesVersion": "", "dnsPrefix": "cliakstest-clitests6pffkuwq-79a739", + "agentPoolProfiles": [{"count": 3, "vmSize": "Standard_DS2_v2", "osDiskSizeGB": + 0, "workloadRuntime": "OCIContainer", "osType": "Linux", "enableAutoScaling": + false, "type": "VirtualMachineScaleSets", "mode": "System", "orchestratorVersion": + "", "upgradeSettings": {}, "enableNodePublicIP": false, "enableCustomCATrust": + false, "scaleSetPriority": "Regular", "scaleSetEvictionPolicy": "Delete", "spotMaxPrice": + -1.0, "nodeTaints": [], "enableEncryptionAtHost": false, "enableUltraSSD": false, + "enableFIPS": false, "networkProfile": {}, "name": "nodepool1"}], "linuxProfile": + {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCf9g3FbYA7YtMBxMqO0yWh9pIzUTZb2cDLPjPnR+TrezzTiMk8OrEHQDZurqQtf+E5r/qmvqVJKrkSNU2g4OOgFOQd7JAiDfxzWL967E4tx0avDUd/TaekUsP981tYkLDSUWEh6p5oVjh3ce4ngo++6XDX9IDAT/S8wReNmlAsuKlB8jEUeeSr/6lhFddi3d0lCsAQ7hY7f2emMM7UTf+89ioNSUztW86qQXeEUwSNJVDofHY5gWBKnHQVJxrKXLzQWlYd2pbB6AxE/V3lJEBPhIwpn3PycAzFafNXW0OacNfoke5nSxQxzSgo0VxiB1RUwBq6wQMisMv/12MZqjoN + azcli_aks_live_test@example.com\n"}]}}, "addonProfiles": {"azurepolicy": {"enabled": + true}}, "enableRBAC": true, "enablePodSecurityPolicy": false, "networkProfile": + {"networkPlugin": "kubenet", "podCidr": "10.244.0.0/16", "serviceCidr": "10.0.0.0/16", + "dnsServiceIP": "10.0.0.10", "outboundType": "loadBalancer", "loadBalancerSku": + "standard"}, "disableLocalAccounts": false, "storageProfile": {}}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + Content-Length: + - '1575' + Content-Type: + - application/json + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2023-04-02-preview + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002\",\n + \ \"location\": \"westus2\",\n \"name\": \"cliakstest000002\",\n \"type\": + \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\": {\n \"provisioningState\": + \"Creating\",\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"kubernetesVersion\": + \"1.25.6\",\n \"currentKubernetesVersion\": \"1.25.6\",\n \"dnsPrefix\": + \"cliakstest-clitests6pffkuwq-79a739\",\n \"fqdn\": \"cliakstest-clitests6pffkuwq-79a739-utpuacan.hcp.westus2.azmk8s.io\",\n + \ \"azurePortalFQDN\": \"cliakstest-clitests6pffkuwq-79a739-utpuacan.portal.hcp.westus2.azmk8s.io\",\n + \ \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \"count\": + 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\": 128,\n \"osDiskType\": + \"Managed\",\n \"kubeletDiskType\": \"OS\",\n \"workloadRuntime\": + \"OCIContainer\",\n \"maxPods\": 110,\n \"type\": \"VirtualMachineScaleSets\",\n + \ \"enableAutoScaling\": false,\n \"provisioningState\": \"Creating\",\n + \ \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\": + \"1.25.6\",\n \"currentOrchestratorVersion\": \"1.25.6\",\n \"enableNodePublicIP\": + false,\n \"enableCustomCATrust\": false,\n \"mode\": \"System\",\n + \ \"enableEncryptionAtHost\": false,\n \"enableUltraSSD\": false,\n + \ \"osType\": \"Linux\",\n \"osSKU\": \"Ubuntu\",\n \"nodeImageVersion\": + \"AKSUbuntu-2204gen2containerd-202305.15.0\",\n \"upgradeSettings\": {},\n + \ \"enableFIPS\": false,\n \"networkProfile\": {}\n }\n ],\n \"linuxProfile\": + {\n \"adminUsername\": \"azureuser\",\n \"ssh\": {\n \"publicKeys\": + [\n {\n \"keyData\": \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCf9g3FbYA7YtMBxMqO0yWh9pIzUTZb2cDLPjPnR+TrezzTiMk8OrEHQDZurqQtf+E5r/qmvqVJKrkSNU2g4OOgFOQd7JAiDfxzWL967E4tx0avDUd/TaekUsP981tYkLDSUWEh6p5oVjh3ce4ngo++6XDX9IDAT/S8wReNmlAsuKlB8jEUeeSr/6lhFddi3d0lCsAQ7hY7f2emMM7UTf+89ioNSUztW86qQXeEUwSNJVDofHY5gWBKnHQVJxrKXLzQWlYd2pbB6AxE/V3lJEBPhIwpn3PycAzFafNXW0OacNfoke5nSxQxzSgo0VxiB1RUwBq6wQMisMv/12MZqjoN + azcli_aks_live_test@example.com\\n\"\n }\n ]\n }\n },\n \"servicePrincipalProfile\": + {\n \"clientId\":\"00000000-0000-0000-0000-000000000001\"\n },\n \"addonProfiles\": + {\n \"azurepolicy\": {\n \"enabled\": true,\n \"config\": null\n + \ }\n },\n \"nodeResourceGroup\": \"MC_clitest000001_cliakstest000002_westus2\",\n + \ \"enableRBAC\": true,\n \"enablePodSecurityPolicy\": false,\n \"supportPlan\": + \"KubernetesOfficial\",\n \"networkProfile\": {\n \"networkPlugin\": + \"kubenet\",\n \"loadBalancerSku\": \"standard\",\n \"loadBalancerProfile\": + {\n \"managedOutboundIPs\": {\n \"count\": 1\n },\n \"backendPoolType\": + \"nodeIPConfiguration\"\n },\n \"podCidr\": \"10.244.0.0/16\",\n \"serviceCidr\": + \"10.0.0.0/16\",\n \"dnsServiceIP\": \"10.0.0.10\",\n \"outboundType\": + \"loadBalancer\",\n \"podCidrs\": [\n \"10.244.0.0/16\"\n ],\n \"serviceCidrs\": + [\n \"10.0.0.0/16\"\n ],\n \"ipFamilies\": [\n \"IPv4\"\n ]\n + \ },\n \"maxAgentPools\": 100,\n \"disableLocalAccounts\": false,\n \"securityProfile\": + {},\n \"storageProfile\": {\n \"diskCSIDriver\": {\n \"enabled\": + true,\n \"version\": \"v1\"\n },\n \"fileCSIDriver\": {\n \"enabled\": + true\n },\n \"snapshotController\": {\n \"enabled\": true\n }\n + \ },\n \"oidcIssuerProfile\": {\n \"enabled\": false\n },\n \"workloadAutoScalerProfile\": + {}\n },\n \"identity\": {\n \"type\": \"SystemAssigned\",\n \"principalId\":\"00000000-0000-0000-0000-000000000001\",\n + \ \"tenantId\": \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\n },\n \"sku\": + {\n \"name\": \"Base\",\n \"tier\": \"Free\"\n }\n }" + headers: + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/b085bc67-5f13-4cd2-baa2-3c7b0d6bb506?api-version=2016-03-30 + cache-control: + - no-cache + content-length: + - '3572' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:26:31 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/b085bc67-5f13-4cd2-baa2-3c7b0d6bb506?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"67bc85b0-135f-d24c-baa2-3c7b0d6bb506\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:30.7574504Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:26:31 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/b085bc67-5f13-4cd2-baa2-3c7b0d6bb506?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"67bc85b0-135f-d24c-baa2-3c7b0d6bb506\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:30.7574504Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:27:01 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/b085bc67-5f13-4cd2-baa2-3c7b0d6bb506?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"67bc85b0-135f-d24c-baa2-3c7b0d6bb506\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:30.7574504Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:27:30 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/b085bc67-5f13-4cd2-baa2-3c7b0d6bb506?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"67bc85b0-135f-d24c-baa2-3c7b0d6bb506\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:30.7574504Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:28:01 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/b085bc67-5f13-4cd2-baa2-3c7b0d6bb506?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"67bc85b0-135f-d24c-baa2-3c7b0d6bb506\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:30.7574504Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:28:31 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/b085bc67-5f13-4cd2-baa2-3c7b0d6bb506?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"67bc85b0-135f-d24c-baa2-3c7b0d6bb506\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:30.7574504Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:29:01 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/b085bc67-5f13-4cd2-baa2-3c7b0d6bb506?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"67bc85b0-135f-d24c-baa2-3c7b0d6bb506\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:30.7574504Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:29:31 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/b085bc67-5f13-4cd2-baa2-3c7b0d6bb506?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"67bc85b0-135f-d24c-baa2-3c7b0d6bb506\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:30.7574504Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:30:01 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/b085bc67-5f13-4cd2-baa2-3c7b0d6bb506?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"67bc85b0-135f-d24c-baa2-3c7b0d6bb506\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:30.7574504Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:30:32 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/b085bc67-5f13-4cd2-baa2-3c7b0d6bb506?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"67bc85b0-135f-d24c-baa2-3c7b0d6bb506\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:30.7574504Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:31:02 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/b085bc67-5f13-4cd2-baa2-3c7b0d6bb506?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"67bc85b0-135f-d24c-baa2-3c7b0d6bb506\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:26:30.7574504Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '126' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:31:31 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/b085bc67-5f13-4cd2-baa2-3c7b0d6bb506?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"67bc85b0-135f-d24c-baa2-3c7b0d6bb506\",\n \"status\": + \"Succeeded\",\n \"startTime\": \"2023-05-26T14:26:30.7574504Z\",\n \"endTime\": + \"2023-05-26T14:31:56.7799836Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '170' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:32:02 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks create + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --ssh-key-value --enable-addons + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2023-04-02-preview + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002\",\n + \ \"location\": \"westus2\",\n \"name\": \"cliakstest000002\",\n \"type\": + \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\": {\n \"provisioningState\": + \"Succeeded\",\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"kubernetesVersion\": + \"1.25.6\",\n \"currentKubernetesVersion\": \"1.25.6\",\n \"dnsPrefix\": + \"cliakstest-clitests6pffkuwq-79a739\",\n \"fqdn\": \"cliakstest-clitests6pffkuwq-79a739-utpuacan.hcp.westus2.azmk8s.io\",\n + \ \"azurePortalFQDN\": \"cliakstest-clitests6pffkuwq-79a739-utpuacan.portal.hcp.westus2.azmk8s.io\",\n + \ \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \"count\": + 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\": 128,\n \"osDiskType\": + \"Managed\",\n \"kubeletDiskType\": \"OS\",\n \"workloadRuntime\": + \"OCIContainer\",\n \"maxPods\": 110,\n \"type\": \"VirtualMachineScaleSets\",\n + \ \"enableAutoScaling\": false,\n \"provisioningState\": \"Succeeded\",\n + \ \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\": + \"1.25.6\",\n \"currentOrchestratorVersion\": \"1.25.6\",\n \"enableNodePublicIP\": + false,\n \"enableCustomCATrust\": false,\n \"mode\": \"System\",\n + \ \"enableEncryptionAtHost\": false,\n \"enableUltraSSD\": false,\n + \ \"osType\": \"Linux\",\n \"osSKU\": \"Ubuntu\",\n \"nodeImageVersion\": + \"AKSUbuntu-2204gen2containerd-202305.15.0\",\n \"upgradeSettings\": {},\n + \ \"enableFIPS\": false,\n \"networkProfile\": {}\n }\n ],\n \"linuxProfile\": + {\n \"adminUsername\": \"azureuser\",\n \"ssh\": {\n \"publicKeys\": + [\n {\n \"keyData\": \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCf9g3FbYA7YtMBxMqO0yWh9pIzUTZb2cDLPjPnR+TrezzTiMk8OrEHQDZurqQtf+E5r/qmvqVJKrkSNU2g4OOgFOQd7JAiDfxzWL967E4tx0avDUd/TaekUsP981tYkLDSUWEh6p5oVjh3ce4ngo++6XDX9IDAT/S8wReNmlAsuKlB8jEUeeSr/6lhFddi3d0lCsAQ7hY7f2emMM7UTf+89ioNSUztW86qQXeEUwSNJVDofHY5gWBKnHQVJxrKXLzQWlYd2pbB6AxE/V3lJEBPhIwpn3PycAzFafNXW0OacNfoke5nSxQxzSgo0VxiB1RUwBq6wQMisMv/12MZqjoN + azcli_aks_live_test@example.com\\n\"\n }\n ]\n }\n },\n \"servicePrincipalProfile\": + {\n \"clientId\":\"00000000-0000-0000-0000-000000000001\"\n },\n \"addonProfiles\": + {\n \"azurepolicy\": {\n \"enabled\": true,\n \"config\": null,\n + \ \"identity\": {\n \"resourceId\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azurepolicy-cliakstest000002\",\n + \ \"clientId\":\"00000000-0000-0000-0000-000000000001\",\n \"objectId\":\"00000000-0000-0000-0000-000000000001\"\n + \ }\n }\n },\n \"nodeResourceGroup\": \"MC_clitest000001_cliakstest000002_westus2\",\n + \ \"enableRBAC\": true,\n \"enablePodSecurityPolicy\": false,\n \"supportPlan\": + \"KubernetesOfficial\",\n \"networkProfile\": {\n \"networkPlugin\": + \"kubenet\",\n \"loadBalancerSku\": \"Standard\",\n \"loadBalancerProfile\": + {\n \"managedOutboundIPs\": {\n \"count\": 1\n },\n \"effectiveOutboundIPs\": + [\n {\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.Network/publicIPAddresses/ca43f9f7-b0ad-4156-85f6-1f249a86abd9\"\n + \ }\n ],\n \"backendPoolType\": \"nodeIPConfiguration\"\n },\n + \ \"podCidr\": \"10.244.0.0/16\",\n \"serviceCidr\": \"10.0.0.0/16\",\n + \ \"dnsServiceIP\": \"10.0.0.10\",\n \"outboundType\": \"loadBalancer\",\n + \ \"podCidrs\": [\n \"10.244.0.0/16\"\n ],\n \"serviceCidrs\": + [\n \"10.0.0.0/16\"\n ],\n \"ipFamilies\": [\n \"IPv4\"\n ]\n + \ },\n \"maxAgentPools\": 100,\n \"identityProfile\": {\n \"kubeletidentity\": + {\n \"resourceId\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.ManagedIdentity/userAssignedIdentities/cliakstest000002-agentpool\",\n + \ \"clientId\":\"00000000-0000-0000-0000-000000000001\",\n \"objectId\":\"00000000-0000-0000-0000-000000000001\"\n + \ }\n },\n \"disableLocalAccounts\": false,\n \"securityProfile\": + {},\n \"storageProfile\": {\n \"diskCSIDriver\": {\n \"enabled\": + true,\n \"version\": \"v1\"\n },\n \"fileCSIDriver\": {\n \"enabled\": + true\n },\n \"snapshotController\": {\n \"enabled\": true\n }\n + \ },\n \"oidcIssuerProfile\": {\n \"enabled\": false\n },\n \"workloadAutoScalerProfile\": + {}\n },\n \"identity\": {\n \"type\": \"SystemAssigned\",\n \"principalId\":\"00000000-0000-0000-0000-000000000001\",\n + \ \"tenantId\": \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\n },\n \"sku\": + {\n \"name\": \"Base\",\n \"tier\": \"Free\"\n }\n }" + headers: + cache-control: + - no-cache + content-length: + - '4585' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:32:03 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --guardrails-excluded-ns + --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2023-04-02-preview + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002\",\n + \ \"location\": \"westus2\",\n \"name\": \"cliakstest000002\",\n \"type\": + \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\": {\n \"provisioningState\": + \"Succeeded\",\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"kubernetesVersion\": + \"1.25.6\",\n \"currentKubernetesVersion\": \"1.25.6\",\n \"dnsPrefix\": + \"cliakstest-clitests6pffkuwq-79a739\",\n \"fqdn\": \"cliakstest-clitests6pffkuwq-79a739-utpuacan.hcp.westus2.azmk8s.io\",\n + \ \"azurePortalFQDN\": \"cliakstest-clitests6pffkuwq-79a739-utpuacan.portal.hcp.westus2.azmk8s.io\",\n + \ \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \"count\": + 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\": 128,\n \"osDiskType\": + \"Managed\",\n \"kubeletDiskType\": \"OS\",\n \"workloadRuntime\": + \"OCIContainer\",\n \"maxPods\": 110,\n \"type\": \"VirtualMachineScaleSets\",\n + \ \"enableAutoScaling\": false,\n \"provisioningState\": \"Succeeded\",\n + \ \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\": + \"1.25.6\",\n \"currentOrchestratorVersion\": \"1.25.6\",\n \"enableNodePublicIP\": + false,\n \"enableCustomCATrust\": false,\n \"mode\": \"System\",\n + \ \"enableEncryptionAtHost\": false,\n \"enableUltraSSD\": false,\n + \ \"osType\": \"Linux\",\n \"osSKU\": \"Ubuntu\",\n \"nodeImageVersion\": + \"AKSUbuntu-2204gen2containerd-202305.15.0\",\n \"upgradeSettings\": {},\n + \ \"enableFIPS\": false,\n \"networkProfile\": {}\n }\n ],\n \"linuxProfile\": + {\n \"adminUsername\": \"azureuser\",\n \"ssh\": {\n \"publicKeys\": + [\n {\n \"keyData\": \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCf9g3FbYA7YtMBxMqO0yWh9pIzUTZb2cDLPjPnR+TrezzTiMk8OrEHQDZurqQtf+E5r/qmvqVJKrkSNU2g4OOgFOQd7JAiDfxzWL967E4tx0avDUd/TaekUsP981tYkLDSUWEh6p5oVjh3ce4ngo++6XDX9IDAT/S8wReNmlAsuKlB8jEUeeSr/6lhFddi3d0lCsAQ7hY7f2emMM7UTf+89ioNSUztW86qQXeEUwSNJVDofHY5gWBKnHQVJxrKXLzQWlYd2pbB6AxE/V3lJEBPhIwpn3PycAzFafNXW0OacNfoke5nSxQxzSgo0VxiB1RUwBq6wQMisMv/12MZqjoN + azcli_aks_live_test@example.com\\n\"\n }\n ]\n }\n },\n \"servicePrincipalProfile\": + {\n \"clientId\":\"00000000-0000-0000-0000-000000000001\"\n },\n \"addonProfiles\": + {\n \"azurepolicy\": {\n \"enabled\": true,\n \"config\": null,\n + \ \"identity\": {\n \"resourceId\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azurepolicy-cliakstest000002\",\n + \ \"clientId\":\"00000000-0000-0000-0000-000000000001\",\n \"objectId\":\"00000000-0000-0000-0000-000000000001\"\n + \ }\n }\n },\n \"nodeResourceGroup\": \"MC_clitest000001_cliakstest000002_westus2\",\n + \ \"enableRBAC\": true,\n \"enablePodSecurityPolicy\": false,\n \"supportPlan\": + \"KubernetesOfficial\",\n \"networkProfile\": {\n \"networkPlugin\": + \"kubenet\",\n \"loadBalancerSku\": \"Standard\",\n \"loadBalancerProfile\": + {\n \"managedOutboundIPs\": {\n \"count\": 1\n },\n \"effectiveOutboundIPs\": + [\n {\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.Network/publicIPAddresses/ca43f9f7-b0ad-4156-85f6-1f249a86abd9\"\n + \ }\n ],\n \"backendPoolType\": \"nodeIPConfiguration\"\n },\n + \ \"podCidr\": \"10.244.0.0/16\",\n \"serviceCidr\": \"10.0.0.0/16\",\n + \ \"dnsServiceIP\": \"10.0.0.10\",\n \"outboundType\": \"loadBalancer\",\n + \ \"podCidrs\": [\n \"10.244.0.0/16\"\n ],\n \"serviceCidrs\": + [\n \"10.0.0.0/16\"\n ],\n \"ipFamilies\": [\n \"IPv4\"\n ]\n + \ },\n \"maxAgentPools\": 100,\n \"identityProfile\": {\n \"kubeletidentity\": + {\n \"resourceId\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.ManagedIdentity/userAssignedIdentities/cliakstest000002-agentpool\",\n + \ \"clientId\":\"00000000-0000-0000-0000-000000000001\",\n \"objectId\":\"00000000-0000-0000-0000-000000000001\"\n + \ }\n },\n \"disableLocalAccounts\": false,\n \"securityProfile\": + {},\n \"storageProfile\": {\n \"diskCSIDriver\": {\n \"enabled\": + true,\n \"version\": \"v1\"\n },\n \"fileCSIDriver\": {\n \"enabled\": + true\n },\n \"snapshotController\": {\n \"enabled\": true\n }\n + \ },\n \"oidcIssuerProfile\": {\n \"enabled\": false\n },\n \"workloadAutoScalerProfile\": + {}\n },\n \"identity\": {\n \"type\": \"SystemAssigned\",\n \"principalId\":\"00000000-0000-0000-0000-000000000001\",\n + \ \"tenantId\": \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\n },\n \"sku\": + {\n \"name\": \"Base\",\n \"tier\": \"Free\"\n }\n }" + headers: + cache-control: + - no-cache + content-length: + - '4585' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:32:04 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: '{"location": "westus2", "sku": {"name": "Base", "tier": "Free"}, "identity": + {"type": "SystemAssigned"}, "properties": {"kubernetesVersion": "1.25.6", "dnsPrefix": + "cliakstest-clitests6pffkuwq-79a739", "agentPoolProfiles": [{"count": 3, "vmSize": + "Standard_DS2_v2", "osDiskSizeGB": 128, "osDiskType": "Managed", "kubeletDiskType": + "OS", "workloadRuntime": "OCIContainer", "maxPods": 110, "osType": "Linux", + "osSKU": "Ubuntu", "enableAutoScaling": false, "type": "VirtualMachineScaleSets", + "mode": "System", "orchestratorVersion": "1.25.6", "upgradeSettings": {}, "powerState": + {"code": "Running"}, "enableNodePublicIP": false, "enableCustomCATrust": false, + "enableEncryptionAtHost": false, "enableUltraSSD": false, "enableFIPS": false, + "networkProfile": {}, "name": "nodepool1"}], "linuxProfile": {"adminUsername": + "azureuser", "ssh": {"publicKeys": [{"keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCf9g3FbYA7YtMBxMqO0yWh9pIzUTZb2cDLPjPnR+TrezzTiMk8OrEHQDZurqQtf+E5r/qmvqVJKrkSNU2g4OOgFOQd7JAiDfxzWL967E4tx0avDUd/TaekUsP981tYkLDSUWEh6p5oVjh3ce4ngo++6XDX9IDAT/S8wReNmlAsuKlB8jEUeeSr/6lhFddi3d0lCsAQ7hY7f2emMM7UTf+89ioNSUztW86qQXeEUwSNJVDofHY5gWBKnHQVJxrKXLzQWlYd2pbB6AxE/V3lJEBPhIwpn3PycAzFafNXW0OacNfoke5nSxQxzSgo0VxiB1RUwBq6wQMisMv/12MZqjoN + azcli_aks_live_test@example.com\n"}]}}, "servicePrincipalProfile": {"clientId":"00000000-0000-0000-0000-000000000001"}, + "addonProfiles": {"azurepolicy": {"enabled": true}}, "oidcIssuerProfile": {"enabled": + false}, "nodeResourceGroup": "MC_clitest000001_cliakstest000002_westus2", "enableRBAC": + true, "supportPlan": "KubernetesOfficial", "enablePodSecurityPolicy": false, + "networkProfile": {"networkPlugin": "kubenet", "podCidr": "10.244.0.0/16", "serviceCidr": + "10.0.0.0/16", "dnsServiceIP": "10.0.0.10", "outboundType": "loadBalancer", + "loadBalancerSku": "Standard", "loadBalancerProfile": {"managedOutboundIPs": + {"count": 1, "countIPv6": 0}, "effectiveOutboundIPs": [{"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.Network/publicIPAddresses/ca43f9f7-b0ad-4156-85f6-1f249a86abd9"}], + "backendPoolType": "nodeIPConfiguration"}, "podCidrs": ["10.244.0.0/16"], "serviceCidrs": + ["10.0.0.0/16"], "ipFamilies": ["IPv4"]}, "identityProfile": {"kubeletidentity": + {"resourceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.ManagedIdentity/userAssignedIdentities/cliakstest000002-agentpool", + "clientId":"00000000-0000-0000-0000-000000000001", "objectId":"00000000-0000-0000-0000-000000000001"}}, + "disableLocalAccounts": false, "securityProfile": {}, "storageProfile": {}, + "workloadAutoScalerProfile": {}, "guardrailsProfile": {"version": "v1.0.0", + "level": "Warning", "excludedNamespaces": ["test-ns1"]}}}' + headers: + AKSHTTPCustomFeatures: + - Microsoft.ContainerService/GuardrailsPreview + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + Content-Length: + - '2815' + Content-Type: + - application/json + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --guardrails-excluded-ns + --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: PUT + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2023-04-02-preview + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002\",\n + \ \"location\": \"westus2\",\n \"name\": \"cliakstest000002\",\n \"type\": + \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\": {\n \"provisioningState\": + \"Updating\",\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"kubernetesVersion\": + \"1.25.6\",\n \"currentKubernetesVersion\": \"1.25.6\",\n \"dnsPrefix\": + \"cliakstest-clitests6pffkuwq-79a739\",\n \"fqdn\": \"cliakstest-clitests6pffkuwq-79a739-utpuacan.hcp.westus2.azmk8s.io\",\n + \ \"azurePortalFQDN\": \"cliakstest-clitests6pffkuwq-79a739-utpuacan.portal.hcp.westus2.azmk8s.io\",\n + \ \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \"count\": + 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\": 128,\n \"osDiskType\": + \"Managed\",\n \"kubeletDiskType\": \"OS\",\n \"workloadRuntime\": + \"OCIContainer\",\n \"maxPods\": 110,\n \"type\": \"VirtualMachineScaleSets\",\n + \ \"enableAutoScaling\": false,\n \"provisioningState\": \"Updating\",\n + \ \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\": + \"1.25.6\",\n \"currentOrchestratorVersion\": \"1.25.6\",\n \"enableNodePublicIP\": + false,\n \"enableCustomCATrust\": false,\n \"mode\": \"System\",\n + \ \"enableEncryptionAtHost\": false,\n \"enableUltraSSD\": false,\n + \ \"osType\": \"Linux\",\n \"osSKU\": \"Ubuntu\",\n \"nodeImageVersion\": + \"AKSUbuntu-2204gen2containerd-202305.15.0\",\n \"upgradeSettings\": {},\n + \ \"enableFIPS\": false,\n \"networkProfile\": {}\n }\n ],\n \"linuxProfile\": + {\n \"adminUsername\": \"azureuser\",\n \"ssh\": {\n \"publicKeys\": + [\n {\n \"keyData\": \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCf9g3FbYA7YtMBxMqO0yWh9pIzUTZb2cDLPjPnR+TrezzTiMk8OrEHQDZurqQtf+E5r/qmvqVJKrkSNU2g4OOgFOQd7JAiDfxzWL967E4tx0avDUd/TaekUsP981tYkLDSUWEh6p5oVjh3ce4ngo++6XDX9IDAT/S8wReNmlAsuKlB8jEUeeSr/6lhFddi3d0lCsAQ7hY7f2emMM7UTf+89ioNSUztW86qQXeEUwSNJVDofHY5gWBKnHQVJxrKXLzQWlYd2pbB6AxE/V3lJEBPhIwpn3PycAzFafNXW0OacNfoke5nSxQxzSgo0VxiB1RUwBq6wQMisMv/12MZqjoN + azcli_aks_live_test@example.com\\n\"\n }\n ]\n }\n },\n \"servicePrincipalProfile\": + {\n \"clientId\":\"00000000-0000-0000-0000-000000000001\"\n },\n \"addonProfiles\": + {\n \"azurepolicy\": {\n \"enabled\": true,\n \"config\": null\n + \ }\n },\n \"nodeResourceGroup\": \"MC_clitest000001_cliakstest000002_westus2\",\n + \ \"enableRBAC\": true,\n \"enablePodSecurityPolicy\": false,\n \"supportPlan\": + \"KubernetesOfficial\",\n \"networkProfile\": {\n \"networkPlugin\": + \"kubenet\",\n \"loadBalancerSku\": \"Standard\",\n \"loadBalancerProfile\": + {\n \"managedOutboundIPs\": {\n \"count\": 1\n },\n \"effectiveOutboundIPs\": + [\n {\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.Network/publicIPAddresses/ca43f9f7-b0ad-4156-85f6-1f249a86abd9\"\n + \ }\n ],\n \"backendPoolType\": \"nodeIPConfiguration\"\n },\n + \ \"podCidr\": \"10.244.0.0/16\",\n \"serviceCidr\": \"10.0.0.0/16\",\n + \ \"dnsServiceIP\": \"10.0.0.10\",\n \"outboundType\": \"loadBalancer\",\n + \ \"podCidrs\": [\n \"10.244.0.0/16\"\n ],\n \"serviceCidrs\": + [\n \"10.0.0.0/16\"\n ],\n \"ipFamilies\": [\n \"IPv4\"\n ]\n + \ },\n \"maxAgentPools\": 100,\n \"identityProfile\": {\n \"kubeletidentity\": + {\n \"resourceId\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.ManagedIdentity/userAssignedIdentities/cliakstest000002-agentpool\",\n + \ \"clientId\":\"00000000-0000-0000-0000-000000000001\",\n \"objectId\":\"00000000-0000-0000-0000-000000000001\"\n + \ }\n },\n \"disableLocalAccounts\": false,\n \"securityProfile\": + {},\n \"storageProfile\": {\n \"diskCSIDriver\": {\n \"enabled\": + true,\n \"version\": \"v1\"\n },\n \"fileCSIDriver\": {\n \"enabled\": + true\n },\n \"snapshotController\": {\n \"enabled\": true\n }\n + \ },\n \"oidcIssuerProfile\": {\n \"enabled\": false\n },\n \"guardrailsProfile\": + {\n \"level\": \"Warning\",\n \"excludedNamespaces\": [\n \"test-ns1\"\n + \ ],\n \"version\": \"v1.0.0\",\n \"systemExcludedNamespaces\": [\n + \ \"kube-system\",\n \"calico-system\",\n \"tigera-system\",\n + \ \"gatekeeper-system\"\n ]\n },\n \"workloadAutoScalerProfile\": + {}\n },\n \"identity\": {\n \"type\": \"SystemAssigned\",\n \"principalId\":\"00000000-0000-0000-0000-000000000001\",\n + \ \"tenantId\": \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\n },\n \"sku\": + {\n \"name\": \"Base\",\n \"tier\": \"Free\"\n }\n }" + headers: + azure-asyncoperation: + - https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/5d8a7b42-71f6-4145-b187-1ff8296b0ef9?api-version=2016-03-30 + cache-control: + - no-cache + content-length: + - '4484' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:32:10 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + x-ms-ratelimit-remaining-subscription-writes: + - '1199' + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --guardrails-excluded-ns + --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/5d8a7b42-71f6-4145-b187-1ff8296b0ef9?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"427b8a5d-f671-4541-b187-1ff8296b0ef9\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:32:09.118945Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '125' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:32:10 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --guardrails-excluded-ns + --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/5d8a7b42-71f6-4145-b187-1ff8296b0ef9?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"427b8a5d-f671-4541-b187-1ff8296b0ef9\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:32:09.118945Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '125' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:32:40 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --guardrails-excluded-ns + --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/5d8a7b42-71f6-4145-b187-1ff8296b0ef9?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"427b8a5d-f671-4541-b187-1ff8296b0ef9\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:32:09.118945Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '125' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:33:10 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --guardrails-excluded-ns + --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/5d8a7b42-71f6-4145-b187-1ff8296b0ef9?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"427b8a5d-f671-4541-b187-1ff8296b0ef9\",\n \"status\": + \"InProgress\",\n \"startTime\": \"2023-05-26T14:32:09.118945Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '125' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:33:40 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --guardrails-excluded-ns + --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/westus2/operations/5d8a7b42-71f6-4145-b187-1ff8296b0ef9?api-version=2016-03-30 + response: + body: + string: "{\n \"name\": \"427b8a5d-f671-4541-b187-1ff8296b0ef9\",\n \"status\": + \"Succeeded\",\n \"startTime\": \"2023-05-26T14:32:09.118945Z\",\n \"endTime\": + \"2023-05-26T14:33:56.3878094Z\"\n }" + headers: + cache-control: + - no-cache + content-length: + - '169' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:34:10 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - '*/*' + Accept-Encoding: + - gzip, deflate + CommandName: + - aks update + Connection: + - keep-alive + ParameterSetName: + - --resource-group --name --guardrails-level --guardrails-version --guardrails-excluded-ns + --aks-custom-headers + User-Agent: + - AZURECLI/2.49.0 azsdk-python-azure-mgmt-containerservice/22.1.0b Python/3.8.10 + (Linux-5.15.0-1038-azure-x86_64-with-glibc2.29) + method: GET + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002?api-version=2023-04-02-preview + response: + body: + string: "{\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clitest000001/providers/Microsoft.ContainerService/managedClusters/cliakstest000002\",\n + \ \"location\": \"westus2\",\n \"name\": \"cliakstest000002\",\n \"type\": + \"Microsoft.ContainerService/ManagedClusters\",\n \"properties\": {\n \"provisioningState\": + \"Succeeded\",\n \"powerState\": {\n \"code\": \"Running\"\n },\n \"kubernetesVersion\": + \"1.25.6\",\n \"currentKubernetesVersion\": \"1.25.6\",\n \"dnsPrefix\": + \"cliakstest-clitests6pffkuwq-79a739\",\n \"fqdn\": \"cliakstest-clitests6pffkuwq-79a739-utpuacan.hcp.westus2.azmk8s.io\",\n + \ \"azurePortalFQDN\": \"cliakstest-clitests6pffkuwq-79a739-utpuacan.portal.hcp.westus2.azmk8s.io\",\n + \ \"agentPoolProfiles\": [\n {\n \"name\": \"nodepool1\",\n \"count\": + 3,\n \"vmSize\": \"Standard_DS2_v2\",\n \"osDiskSizeGB\": 128,\n \"osDiskType\": + \"Managed\",\n \"kubeletDiskType\": \"OS\",\n \"workloadRuntime\": + \"OCIContainer\",\n \"maxPods\": 110,\n \"type\": \"VirtualMachineScaleSets\",\n + \ \"enableAutoScaling\": false,\n \"provisioningState\": \"Succeeded\",\n + \ \"powerState\": {\n \"code\": \"Running\"\n },\n \"orchestratorVersion\": + \"1.25.6\",\n \"currentOrchestratorVersion\": \"1.25.6\",\n \"enableNodePublicIP\": + false,\n \"enableCustomCATrust\": false,\n \"mode\": \"System\",\n + \ \"enableEncryptionAtHost\": false,\n \"enableUltraSSD\": false,\n + \ \"osType\": \"Linux\",\n \"osSKU\": \"Ubuntu\",\n \"nodeImageVersion\": + \"AKSUbuntu-2204gen2containerd-202305.15.0\",\n \"upgradeSettings\": {},\n + \ \"enableFIPS\": false,\n \"networkProfile\": {}\n }\n ],\n \"linuxProfile\": + {\n \"adminUsername\": \"azureuser\",\n \"ssh\": {\n \"publicKeys\": + [\n {\n \"keyData\": \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCf9g3FbYA7YtMBxMqO0yWh9pIzUTZb2cDLPjPnR+TrezzTiMk8OrEHQDZurqQtf+E5r/qmvqVJKrkSNU2g4OOgFOQd7JAiDfxzWL967E4tx0avDUd/TaekUsP981tYkLDSUWEh6p5oVjh3ce4ngo++6XDX9IDAT/S8wReNmlAsuKlB8jEUeeSr/6lhFddi3d0lCsAQ7hY7f2emMM7UTf+89ioNSUztW86qQXeEUwSNJVDofHY5gWBKnHQVJxrKXLzQWlYd2pbB6AxE/V3lJEBPhIwpn3PycAzFafNXW0OacNfoke5nSxQxzSgo0VxiB1RUwBq6wQMisMv/12MZqjoN + azcli_aks_live_test@example.com\\n\"\n }\n ]\n }\n },\n \"servicePrincipalProfile\": + {\n \"clientId\":\"00000000-0000-0000-0000-000000000001\"\n },\n \"addonProfiles\": + {\n \"azurepolicy\": {\n \"enabled\": true,\n \"config\": null,\n + \ \"identity\": {\n \"resourceId\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.ManagedIdentity/userAssignedIdentities/azurepolicy-cliakstest000002\",\n + \ \"clientId\":\"00000000-0000-0000-0000-000000000001\",\n \"objectId\":\"00000000-0000-0000-0000-000000000001\"\n + \ }\n }\n },\n \"nodeResourceGroup\": \"MC_clitest000001_cliakstest000002_westus2\",\n + \ \"enableRBAC\": true,\n \"enablePodSecurityPolicy\": false,\n \"supportPlan\": + \"KubernetesOfficial\",\n \"networkProfile\": {\n \"networkPlugin\": + \"kubenet\",\n \"loadBalancerSku\": \"Standard\",\n \"loadBalancerProfile\": + {\n \"managedOutboundIPs\": {\n \"count\": 1\n },\n \"effectiveOutboundIPs\": + [\n {\n \"id\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.Network/publicIPAddresses/ca43f9f7-b0ad-4156-85f6-1f249a86abd9\"\n + \ }\n ],\n \"backendPoolType\": \"nodeIPConfiguration\"\n },\n + \ \"podCidr\": \"10.244.0.0/16\",\n \"serviceCidr\": \"10.0.0.0/16\",\n + \ \"dnsServiceIP\": \"10.0.0.10\",\n \"outboundType\": \"loadBalancer\",\n + \ \"podCidrs\": [\n \"10.244.0.0/16\"\n ],\n \"serviceCidrs\": + [\n \"10.0.0.0/16\"\n ],\n \"ipFamilies\": [\n \"IPv4\"\n ]\n + \ },\n \"maxAgentPools\": 100,\n \"identityProfile\": {\n \"kubeletidentity\": + {\n \"resourceId\": \"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_clitest000001_cliakstest000002_westus2/providers/Microsoft.ManagedIdentity/userAssignedIdentities/cliakstest000002-agentpool\",\n + \ \"clientId\":\"00000000-0000-0000-0000-000000000001\",\n \"objectId\":\"00000000-0000-0000-0000-000000000001\"\n + \ }\n },\n \"disableLocalAccounts\": false,\n \"securityProfile\": + {},\n \"storageProfile\": {\n \"diskCSIDriver\": {\n \"enabled\": + true,\n \"version\": \"v1\"\n },\n \"fileCSIDriver\": {\n \"enabled\": + true\n },\n \"snapshotController\": {\n \"enabled\": true\n }\n + \ },\n \"oidcIssuerProfile\": {\n \"enabled\": false\n },\n \"guardrailsProfile\": + {\n \"level\": \"Warning\",\n \"excludedNamespaces\": [\n \"test-ns1\"\n + \ ],\n \"version\": \"v1.0.0\",\n \"systemExcludedNamespaces\": [\n + \ \"kube-system\",\n \"calico-system\",\n \"tigera-system\",\n + \ \"gatekeeper-system\"\n ]\n },\n \"workloadAutoScalerProfile\": + {}\n },\n \"identity\": {\n \"type\": \"SystemAssigned\",\n \"principalId\":\"00000000-0000-0000-0000-000000000001\",\n + \ \"tenantId\": \"72f988bf-86f1-41af-91ab-2d7cd011db47\"\n },\n \"sku\": + {\n \"name\": \"Base\",\n \"tier\": \"Free\"\n }\n }" + headers: + cache-control: + - no-cache + content-length: + - '4846' + content-type: + - application/json + date: + - Fri, 26 May 2023 14:34:11 GMT + expires: + - '-1' + pragma: + - no-cache + server: + - nginx + strict-transport-security: + - max-age=31536000; includeSubDomains + transfer-encoding: + - chunked + vary: + - Accept-Encoding + x-content-type-options: + - nosniff + status: + code: 200 + message: OK +version: 1 diff --git a/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py b/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py index 7e4f5436317..6df75d4a483 100644 --- a/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py +++ b/src/aks-preview/azext_aks_preview/tests/latest/test_aks_commands.py @@ -1388,6 +1388,54 @@ def test_aks_nodepool_abort(self, resource_group, resource_group_location): self.check('powerState.code', 'Running') ]) + @AllowLargeResponse() + @AKSCustomResourceGroupPreparer(random_name_length=17, name_prefix='clitest', location='westus2') + def test_aks_create_with_guardrails(self, resource_group, resource_group_location): + aks_name = self.create_random_name('cliakstest', 16) + self.kwargs.update({ + 'resource_group': resource_group, + 'name': aks_name, + 'ssh_key_value': self.generate_ssh_keys() + }) + + create_cmd = 'aks create --resource-group={resource_group} --name={name} ' \ + '--guardrails-level Warning --guardrails-version "v1.0.0" ' \ + '--enable-addons azure-policy --ssh-key-value={ssh_key_value} ' \ + '--aks-custom-headers AKSHTTPCustomFeatures=Microsoft.ContainerService/GuardrailsPreview' + self.cmd(create_cmd, checks=[ + self.check('provisioningState', 'Succeeded'), + self.check('guardrailsProfile.level', 'Warning'), + self.check('guardrailsProfile.version','v1.0.0') + ]) + + @AllowLargeResponse() + @AKSCustomResourceGroupPreparer(random_name_length=17, name_prefix='clitest', location='westus2') + def test_aks_update_with_guardrails(self, resource_group, resource_group_location): + aks_name = self.create_random_name('cliakstest', 16) + self.kwargs.update({ + 'resource_group': resource_group, + 'name': aks_name, + 'ssh_key_value': self.generate_ssh_keys() + }) + + create_cmd = 'aks create --resource-group={resource_group} --name={name} --ssh-key-value={ssh_key_value} ' \ + '--enable-addons azure-policy ' + self.cmd(create_cmd, checks=[ + self.check('provisioningState', 'Succeeded') + ]) + + update_cmd = 'aks update --resource-group={resource_group} --name={name} ' \ + '--guardrails-level Warning --guardrails-version "v1.0.0" ' \ + '--guardrails-excluded-ns test-ns1 ' \ + '--aks-custom-headers AKSHTTPCustomFeatures=Microsoft.ContainerService/GuardrailsPreview' + + self.cmd(update_cmd, checks=[ + self.check('provisioningState', 'Succeeded'), + self.check('guardrailsProfile.level', 'Warning'), + self.check('guardrailsProfile.version','v1.0.0'), + self.check('guardrailsProfile.excludedNamespaces[0]','test-ns1') + ]) + @AllowLargeResponse() @AKSCustomResourceGroupPreparer(random_name_length=17, name_prefix='clitest', location='westus2') def test_aks_create_with_managed_disk(self, resource_group, resource_group_location): diff --git a/src/aks-preview/azext_aks_preview/tests/latest/test_managed_cluster_decorator.py b/src/aks-preview/azext_aks_preview/tests/latest/test_managed_cluster_decorator.py index f6612c49eee..d3d8ccd28e0 100644 --- a/src/aks-preview/azext_aks_preview/tests/latest/test_managed_cluster_decorator.py +++ b/src/aks-preview/azext_aks_preview/tests/latest/test_managed_cluster_decorator.py @@ -227,6 +227,74 @@ def test_get_http_proxy_config(self): # fail on invalid file path with self.assertRaises(InvalidArgumentValueError): ctx_3.get_http_proxy_config() + + def test_get_guardrails_level(self): + ctx1 = AKSPreviewManagedClusterContext( + self.cmd, + AKSManagedClusterParamDict({"guardrails_level": None}), + self.models, + decorator_mode=DecoratorMode.CREATE + ) + self.assertEqual(ctx1.get_guardrails_level(), None) + + ctx2 = AKSPreviewManagedClusterContext( + self.cmd, + AKSManagedClusterParamDict({"guardrails_level": "Warning"}), + self.models, + decorator_mode=DecoratorMode.CREATE + ) + mc2 = self.models.ManagedCluster( + location="test_location", + guardrails_profile=self.models.GuardrailsProfile(level="Warning", excluded_namespaces=None, version="") + ) + ctx2.attach_mc(mc2) + self.assertEqual(ctx2.get_guardrails_level(), "Warning") + + def test_get_guardrails_version(self): + ctx1 = AKSPreviewManagedClusterContext( + self.cmd, + AKSManagedClusterParamDict({"guardrails_version": None}), + self.models, + decorator_mode=DecoratorMode.CREATE + ) + self.assertEqual(ctx1.get_guardrails_version(), None) + + ctx2 = AKSPreviewManagedClusterContext( + self.cmd, + AKSManagedClusterParamDict({"guardrails_version": "v1.0.0"}), + self.models, + decorator_mode=DecoratorMode.CREATE + ) + + mc2 = self.models.ManagedCluster( + location="test_location", + guardrails_profile=self.models.GuardrailsProfile(version="v1.0.0", level=None, excluded_namespaces=None) + ) + ctx2.attach_mc(mc2) + self.assertEqual(ctx2.get_guardrails_version(), "v1.0.0") + + def test_get_guardrails_excluded_namespaces(self): + ctx1 = AKSPreviewManagedClusterContext( + self.cmd, + AKSManagedClusterParamDict({"guardrails_excluded_ns": None}), + self.models, + decorator_mode=DecoratorMode.CREATE + ) + self.assertEqual(ctx1.get_guardrails_excluded_namespaces(), None) + + ctx2 = AKSPreviewManagedClusterContext( + self.cmd, + AKSManagedClusterParamDict({"guardrails_excluded_ns": "ns1,ns2"}), + self.models, + decorator_mode=DecoratorMode.CREATE + ) + + mc2 = self.models.ManagedCluster( + location="test_location", + guardrails_profile=self.models.GuardrailsProfile(excluded_namespaces=["ns1","ns2"], level=None, version=None) + ) + ctx2.attach_mc(mc2) + self.assertEqual(ctx2.get_guardrails_excluded_namespaces(), "ns1,ns2") def test_get_kube_proxy_config(self): # default @@ -3321,6 +3389,44 @@ def setUp(self): self.models = AKSPreviewManagedClusterModels(self.cmd, CUSTOM_MGMT_AKS_PREVIEW) self.client = MockClient() + def test_set_up_guardrails_profile(self): + # Base case - no options specified, GuardrailsProfile should be None + dec_1 = AKSPreviewManagedClusterCreateDecorator( + self.cmd, + self.client, + {}, + CUSTOM_MGMT_AKS_PREVIEW + ) + + mc_1 = self.models.ManagedCluster(location="test_location") + dec_1.context.attach_mc(mc_1) + dec_mc_1 = dec_1.set_up_guardrails_profile(mc_1) + gt_mc_1 = self.models.ManagedCluster(location="test_location") + self.assertEqual(dec_mc_1,gt_mc_1) + + # Make sure GuardrailsProfile is filled out appropriately + dec_2 = AKSPreviewManagedClusterCreateDecorator( + self.cmd, + self.client, + { + "guardrails_level": "Warning", + "guardrails_version": "v1.0.0", + "guardrails_excluded_ns": "ns1,ns2" + }, + CUSTOM_MGMT_AKS_PREVIEW + ) + + mc_2 = self.models.ManagedCluster(location="test_location") + dec_2.context.attach_mc(mc_2) + dec_mc_2 = dec_2.set_up_guardrails_profile(mc_2) + gt_mc_2 = self.models.ManagedCluster(location="test_location") + gt_mc_2.guardrails_profile = self.models.GuardrailsProfile( + level="Warning", + version="v1.0.0", + excluded_namespaces=["ns1","ns2"] + ) + self.assertEqual(dec_mc_2,gt_mc_2) + def test_set_up_agentpool_profile(self): dec_1 = AKSPreviewManagedClusterCreateDecorator( self.cmd,