Add support for ImageCleaner on AKS (#19916)

* Add support for ImageCleaner on AKS

* add more context in ImageCleaner description

specification/containerservice/resource-manager/Microsoft.ContainerService/preview/2022-07-02-preview/managedClusters.json

@@ -6149,6 +6149,10 @@
           "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity",
           "description": "[Workload Identity](https://azure.github.io/azure-workload-identity/docs/) settings for the security profile."
         },
+        "imageCleaner": {
+          "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner",
+          "description": "ImageCleaner settings for the security profile."
+        },
         "nodeRestriction": {
           "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction",
           "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile."
@@ -6268,6 +6272,21 @@
       },
       "description": "Workload Identity settings for the security profile."
     },
+    "ManagedClusterSecurityProfileImageCleaner": {
+      "type": "object",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Whether to enable ImageCleaner on AKS cluster."
+        },
+        "intervalHours": {
+          "type": "integer",
+          "format": "int32",
+          "description": "ImageCleaner scanning interval."
+        }
+      },
+      "description": "ImageCleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile."
+    },
     "ManagedClusterSecurityProfileNodeRestriction": {
       "type": "object",
       "properties": {