From 6b4b0ae2f38a5dbec0bd5e0b93fa25a03c2f916f Mon Sep 17 00:00:00 2001
From: Ubuntu <jiashunliu@microsoft.com>
Date: Mon, 25 Jul 2022 02:43:55 +0000
Subject: [PATCH 1/2] Add support for ImageCleaner on AKS

---
 .../2022-07-02-preview/managedClusters.json   | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-07-02-preview/managedClusters.json b/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-07-02-preview/managedClusters.json
index ed92d3008326..c19032eb922f 100644
--- a/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-07-02-preview/managedClusters.json
+++ b/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-07-02-preview/managedClusters.json
@@ -6039,6 +6039,10 @@
           "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity",
           "description": "[Workload Identity](https://azure.github.io/azure-workload-identity/docs/) settings for the security profile."
         },
+        "imageCleaner": {
+          "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner",
+          "description": "ImageCleaner settings for the security profile."
+        },
         "nodeRestriction": {
           "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction",
           "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile."
@@ -6158,6 +6162,21 @@
       },
       "description": "Workload Identity settings for the security profile."
     },
+    "ManagedClusterSecurityProfileImageCleaner": {
+      "type": "object",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Whether to enable ImageCleaner on AKS cluster."
+        },
+        "intervalHours": {
+          "type": "integer",
+          "format": "int32",
+          "description": "ImageCleaner scanning interval."
+        }
+      },
+      "description": "ImageCleaner settings for the security profile."
+    },
     "ManagedClusterSecurityProfileNodeRestriction": {
       "type": "object",
       "properties": {

From 4da4ac364ccddae8f0d0ee072cfc78f4f73c5f92 Mon Sep 17 00:00:00 2001
From: Ubuntu <jiashunliu@microsoft.com>
Date: Tue, 26 Jul 2022 01:57:02 +0000
Subject: [PATCH 2/2] add more context in ImageCleaner description

---
 .../preview/2022-07-02-preview/managedClusters.json             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-07-02-preview/managedClusters.json b/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-07-02-preview/managedClusters.json
index c19032eb922f..2aee9e39b057 100644
--- a/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-07-02-preview/managedClusters.json
+++ b/specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-07-02-preview/managedClusters.json
@@ -6175,7 +6175,7 @@
           "description": "ImageCleaner scanning interval."
         }
       },
-      "description": "ImageCleaner settings for the security profile."
+      "description": "ImageCleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile."
     },
     "ManagedClusterSecurityProfileNodeRestriction": {
       "type": "object",