diff --git a/custom-words.txt b/custom-words.txt
index 21f47057170d..374d18f608ec 100644
--- a/custom-words.txt
+++ b/custom-words.txt
@@ -808,6 +808,8 @@ Gloo
gltf
gluster
glusterfs
+gmsa
+Gmsa
GOARCH
GPUMIG
GPUP
diff --git a/specification/containerservice/resource-manager/Microsoft.ContainerService/stable/2021-09-01/examples/ManagedClustersCreate_UpdateWindowsGmsa.json b/specification/containerservice/resource-manager/Microsoft.ContainerService/stable/2021-09-01/examples/ManagedClustersCreate_UpdateWindowsGmsa.json
new file mode 100644
index 000000000000..804f629548dd
--- /dev/null
+++ b/specification/containerservice/resource-manager/Microsoft.ContainerService/stable/2021-09-01/examples/ManagedClustersCreate_UpdateWindowsGmsa.json
@@ -0,0 +1,281 @@
+{
+ "parameters": {
+ "api-version": "2021-09-01",
+ "subscriptionId": "subid1",
+ "resourceGroupName": "rg1",
+ "resourceName": "clustername1",
+ "parameters": {
+ "location": "location1",
+ "tags": {
+ "tier": "production",
+ "archv2": ""
+ },
+ "sku": {
+ "name": "Basic",
+ "tier": "Free"
+ },
+ "properties": {
+ "kubernetesVersion": "",
+ "dnsPrefix": "dnsprefix1",
+ "agentPoolProfiles": [
+ {
+ "name": "nodepool1",
+ "count": 3,
+ "vmSize": "Standard_DS1_v2",
+ "osType": "Linux",
+ "type": "VirtualMachineScaleSets",
+ "availabilityZones": [
+ "1",
+ "2",
+ "3"
+ ],
+ "enableNodePublicIP": true,
+ "mode": "System"
+ }
+ ],
+ "linuxProfile": {
+ "adminUsername": "azureuser",
+ "ssh": {
+ "publicKeys": [
+ {
+ "keyData": "keydata"
+ }
+ ]
+ }
+ },
+ "networkProfile": {
+ "loadBalancerSku": "standard",
+ "outboundType": "loadBalancer",
+ "loadBalancerProfile": {
+ "managedOutboundIPs": {
+ "count": 2
+ }
+ }
+ },
+ "autoScalerProfile": {
+ "scan-interval": "20s",
+ "scale-down-delay-after-add": "15m"
+ },
+ "windowsProfile": {
+ "adminUsername": "azureuser",
+ "adminPassword": "replacePassword1234$",
+ "gmsaProfile": {
+ "enabled": true
+ }
+ },
+ "servicePrincipalProfile": {
+ "clientId": "clientid",
+ "secret": "secret"
+ },
+ "addonProfiles": {},
+ "enableRBAC": true,
+ "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
+ "enablePodSecurityPolicy": true
+ },
+ "identity": {
+ "type": "UserAssigned",
+ "userAssignedIdentities": {
+ "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
+ "location": "location1",
+ "name": "clustername1",
+ "tags": {
+ "archv2": "",
+ "tier": "production"
+ },
+ "type": "Microsoft.ContainerService/ManagedClusters",
+ "properties": {
+ "provisioningState": "Succeeded",
+ "maxAgentPools": 1,
+ "kubernetesVersion": "1.9.6",
+ "dnsPrefix": "dnsprefix1",
+ "agentPoolProfiles": [
+ {
+ "name": "nodepool1",
+ "count": 3,
+ "vmSize": "Standard_DS1_v2",
+ "maxPods": 110,
+ "osType": "Linux",
+ "provisioningState": "Succeeded",
+ "orchestratorVersion": "1.9.6",
+ "type": "VirtualMachineScaleSets",
+ "availabilityZones": [
+ "1",
+ "2",
+ "3"
+ ],
+ "enableNodePublicIP": true,
+ "mode": "System",
+ "nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
+ }
+ ],
+ "linuxProfile": {
+ "adminUsername": "azureuser",
+ "ssh": {
+ "publicKeys": [
+ {
+ "keyData": "keydata"
+ }
+ ]
+ }
+ },
+ "windowsProfile": {
+ "adminUsername": "azureuser",
+ "gmsaProfile": {
+ "enabled": true
+ }
+ },
+ "servicePrincipalProfile": {
+ "clientId": "clientid"
+ },
+ "nodeResourceGroup": "MC_rg1_clustername1_location1",
+ "enableRBAC": true,
+ "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
+ "enablePodSecurityPolicy": true,
+ "fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
+ "networkProfile": {
+ "loadBalancerSku": "basic",
+ "networkPlugin": "kubenet",
+ "podCidr": "10.244.0.0/16",
+ "serviceCidr": "10.0.0.0/16",
+ "dnsServiceIP": "10.0.0.10",
+ "dockerBridgeCidr": "172.17.0.1/16",
+ "outboundType": "loadBalancer",
+ "loadBalancerProfile": {
+ "allocatedOutboundPorts": 2000,
+ "idleTimeoutInMinutes": 10,
+ "managedOutboundIPs": {
+ "count": 2
+ },
+ "effectiveOutboundIPs": [
+ {
+ "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
+ },
+ {
+ "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
+ }
+ ]
+ }
+ },
+ "autoScalerProfile": {
+ "scan-interval": "20s",
+ "scale-down-delay-after-add": "15m"
+ }
+ },
+ "identity": {
+ "type": "UserAssigned",
+ "userAssignedIdentities": {
+ "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
+ "principalId": "principalId1",
+ "clientId": "clientId1"
+ }
+ }
+ }
+ }
+ },
+ "201": {
+ "body": {
+ "id": "/subscriptions/subid1/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
+ "location": "location1",
+ "name": "clustername1",
+ "tags": {
+ "archv2": "",
+ "tier": "production"
+ },
+ "type": "Microsoft.ContainerService/ManagedClusters",
+ "properties": {
+ "provisioningState": "Creating",
+ "maxAgentPools": 1,
+ "kubernetesVersion": "1.9.6",
+ "dnsPrefix": "dnsprefix1",
+ "agentPoolProfiles": [
+ {
+ "name": "nodepool1",
+ "count": 3,
+ "vmSize": "Standard_DS1_v2",
+ "maxPods": 110,
+ "osType": "Linux",
+ "provisioningState": "Creating",
+ "orchestratorVersion": "1.9.6",
+ "type": "VirtualMachineScaleSets",
+ "availabilityZones": [
+ "1",
+ "2",
+ "3"
+ ],
+ "enableNodePublicIP": true,
+ "mode": "System"
+ }
+ ],
+ "linuxProfile": {
+ "adminUsername": "azureuser",
+ "ssh": {
+ "publicKeys": [
+ {
+ "keyData": "keydata"
+ }
+ ]
+ }
+ },
+ "windowsProfile": {
+ "adminUsername": "azureuser",
+ "gmsaProfile": {
+ "enabled": true
+ }
+ },
+ "servicePrincipalProfile": {
+ "clientId": "clientid"
+ },
+ "nodeResourceGroup": "MC_rg1_clustername1_location1",
+ "enableRBAC": true,
+ "diskEncryptionSetID": "/subscriptions/subid1/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
+ "enablePodSecurityPolicy": true,
+ "networkProfile": {
+ "networkPlugin": "kubenet",
+ "podCidr": "10.244.0.0/16",
+ "serviceCidr": "10.0.0.0/16",
+ "dnsServiceIP": "10.0.0.10",
+ "dockerBridgeCidr": "172.17.0.1/16",
+ "loadBalancerSku": "standard",
+ "outboundType": "loadBalancer",
+ "loadBalancerProfile": {
+ "allocatedOutboundPorts": 2000,
+ "idleTimeoutInMinutes": 10,
+ "managedOutboundIPs": {
+ "count": 2
+ },
+ "effectiveOutboundIPs": [
+ {
+ "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
+ },
+ {
+ "id": "/subscriptions/subid1/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
+ }
+ ]
+ }
+ },
+ "autoScalerProfile": {
+ "scan-interval": "20s",
+ "scale-down-delay-after-add": "15m"
+ }
+ },
+ "identity": {
+ "type": "UserAssigned",
+ "userAssignedIdentities": {
+ "/subscriptions/subid1/resourceGroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
+ "principalId": "principalId1",
+ "clientId": "clientId1"
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/specification/containerservice/resource-manager/Microsoft.ContainerService/stable/2021-09-01/managedClusters.json b/specification/containerservice/resource-manager/Microsoft.ContainerService/stable/2021-09-01/managedClusters.json
index c7152fd0f838..da5b47aac154 100644
--- a/specification/containerservice/resource-manager/Microsoft.ContainerService/stable/2021-09-01/managedClusters.json
+++ b/specification/containerservice/resource-manager/Microsoft.ContainerService/stable/2021-09-01/managedClusters.json
@@ -564,6 +564,9 @@
},
"Create Managed Cluster using an agent pool snapshot": {
"$ref": "./examples/ManagedClustersCreate_Snapshot.json"
+ },
+ "Create/Update Managed Cluster with Windows gMSA enabled": {
+ "$ref": "./examples/ManagedClustersCreate_UpdateWindowsGmsa.json"
}
}
},
@@ -2929,6 +2932,10 @@
"type": "boolean",
"title": "Whether to enable CSI proxy.",
"description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy)."
+ },
+ "gmsaProfile": {
+ "$ref": "#/definitions/WindowsGmsaProfile",
+ "description": "The Windows gMSA Profile in the Managed Cluster."
}
},
"required": [
@@ -2936,6 +2943,25 @@
],
"description": "Profile for Windows VMs in the managed cluster."
},
+ "WindowsGmsaProfile": {
+ "type": "object",
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "title": "Whether to enable Windows gMSA.",
+ "description": "Specifies whether to enable Windows gMSA in the managed cluster."
+ },
+ "dnsServer": {
+ "type": "string",
+ "description": "Specifies the DNS server for Windows gMSA.
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster."
+ },
+ "rootDomainName": {
+ "type": "string",
+ "description": "Specifies the root domain name for Windows gMSA.
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster."
+ }
+ },
+ "description": "Windows gMSA Profile in the managed cluster."
+ },
"ContainerServiceLinuxProfile": {
"properties": {
"adminUsername": {
diff --git a/specification/containerservice/resource-manager/readme.go.md b/specification/containerservice/resource-manager/readme.go.md
index 792722c739ae..1f7d147da198 100644
--- a/specification/containerservice/resource-manager/readme.go.md
+++ b/specification/containerservice/resource-manager/readme.go.md
@@ -20,6 +20,7 @@ azure-arm: true
``` yaml $(go) && $(multiapi)
batch:
+ - tag: package-2021-09
- tag: package-2021-08
- tag: package-2021-07
- tag: package-2021-05
@@ -50,6 +51,16 @@ batch:
- tag: package-2017-07
```
+### Tag: package-2021-09 and go
+
+These settings apply only when `--package-2021-09 --go` is specified on the command line.
+Please also specify `--go-sdk-folder=`.
+
+``` yaml $(tag)=='package-2021-09' && $(go)
+namespace: containerservice
+output-folder: $(go-sdk-folder)/services/$(namespace)/mgmt/2021-09-01/$(namespace)
+```
+
### Tag: package-2021-08 and go
These settings apply only when `--package-2021-08 --go` is specified on the command line.
diff --git a/specification/containerservice/resource-manager/readme.java.md b/specification/containerservice/resource-manager/readme.java.md
index 7d53a96b35dd..5834e2175ece 100644
--- a/specification/containerservice/resource-manager/readme.java.md
+++ b/specification/containerservice/resource-manager/readme.java.md
@@ -38,6 +38,20 @@ batch:
- tag: package-2021-05
- tag: package-2021-07
- tag: package-2021-08
+ - tag: package-2021-09
+```
+
+### Tag: package-2021-09 and java
+
+These settings apply only when `--tag=package-2021-09` is specified on the command line.
+Please also specify `--azure-libraries-for-java-folder=`.
+
+``` yaml $(tag) == 'package-2021-09' && $(java) && $(multiapi)
+java:
+ namespace: com.microsoft.azure.management.containerservice.v2021_09_01
+ output-folder: $(azure-libraries-for-java-folder)/sdk/containerservice/mgmt-v2021_09_01
+regenerate-manager: true
+generate-interface: true
```
### Tag: package-2021-08 and java
diff --git a/specification/containerservice/resource-manager/readme.md b/specification/containerservice/resource-manager/readme.md
index 5f28376461b5..86bb0e4c63f0 100644
--- a/specification/containerservice/resource-manager/readme.md
+++ b/specification/containerservice/resource-manager/readme.md
@@ -46,6 +46,7 @@ These settings apply only when `--tag=package-2021-09` is specified on the comma
input-file:
- Microsoft.ContainerService/stable/2021-09-01/managedClusters.json
```
+
### Tag: package-2021-08
These settings apply only when `--tag=package-2021-08` is specified on the command line.
@@ -355,6 +356,19 @@ input-file:
```
+### Tag: package-2021-09-01-only
+
+These settings apply only when `--tag=package-2021-09-01-only` is specified on the command line.
+
+``` yaml $(tag) == 'package-2021-09-01-only'
+input-file:
+- Microsoft.ContainerService/stable/2021-09-01/managedClusters.json
+directive:
+ - suppress: DefinitionsPropertiesNamesCamelCase
+ where: $.definitions.ManagedClusterProperties.properties.autoScalerProfile
+ reason: Cluster-autoscaler settings are not camel-cased
+```
+
### Tag: package-2021-08-01-only
These settings apply only when `--tag=package-2021-08-01-only` is specified on the command line.
diff --git a/specification/containerservice/resource-manager/readme.python.md b/specification/containerservice/resource-manager/readme.python.md
index 9e13e102aecc..f966032e68b3 100644
--- a/specification/containerservice/resource-manager/readme.python.md
+++ b/specification/containerservice/resource-manager/readme.python.md
@@ -17,6 +17,7 @@ Generate all API versions currently shipped for this package
```yaml $(python) && $(multiapi) && $(track2)
batch:
+ - tag: package-2021-09-01-only
- tag: package-2021-08-01-only
- tag: package-2021-07-01-only
- tag: package-2021-05-01-only
@@ -53,6 +54,16 @@ clear-output-folder: false
perform-load: false
```
+### Tag: package-2021-09-01-only and python
+
+These settings apply only when `--tag=package-2021-09-01-only --python` is specified on the command line.
+Please also specify `--python-sdks-folder=`.
+
+``` yaml $(tag) == 'package-2021-09-01-only' && $(python)
+namespace: azure.mgmt.containerservice.v2021_09_01
+output-folder: $(python-sdks-folder)/containerservice/azure-mgmt-containerservice/azure/mgmt/containerservice/v2021_09_01
+```
+
### Tag: package-2021-08-01-only and python
These settings apply only when `--tag=package-2021-08-01-only --python` is specified on the command line.