| _key | core | string | |
| api_server_access_profile | core | json | The access profile for managed cluster API server. |
| azure_portal_fqdn | core | string | The Azure Portal requires certain Cross-Origin Resource Sharing (CORS) headers to be sent in some responses, which Kubernetes APIServer doesn't handle by default. This special FQDN supports CORS, allowing the Azure Portal to function properly. |
| disable_local_accounts | core | bool | If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview). |
| disk_encryption_set_id | core | string | This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}' |
| dns_prefix | core | string | This cannot be updated once the Managed Cluster has been created. |
| enable_pod_security_policy | core | bool | (DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp. |
| enable_rbac | core | bool | Whether to enable Kubernetes Role-Based Access Control. |
| fqdn | core | string | The FQDN of the master pool. |
| fqdn_subdomain | core | string | This cannot be updated once the Managed Cluster has been created. |
| id | core | string | Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
| kubernetes_version | core | string | Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details. |
| location | core | string | The geo-location where the resource lives |
| max_agent_pools | core | int64 | The max number of agent pools for the managed cluster. |
| name | core | string | The name of the resource |
| network_profile | core | json | The network configuration profile. |
| node_resource_group | core | string | The name of the resource group containing agent pool nodes. |
| power_state | core | json | The Power State of the cluster. |
| private_fqdn | core | string | The FQDN of private cluster. |
| provisioning_state | core | string | The current provisioning state. |
| resource_group | core | string | |
| service_principal_profile | core | json | Information about a service principal identity for the cluster to use for manipulating Azure APIs. |
| sku | core | json | The managed cluster SKU. |
| subscription_id | core | string | |
| subscription_name | core | string | |
| tags | core | hstore_csv | |
| type | core | string | The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
| windows_profile | core | json | The profile for Windows VMs in the Managed Cluster. |
