From 112859937a9cc6e7200c5a752427e1b84b314f6b Mon Sep 17 00:00:00 2001
From: PixelRobots <22979170+PixelRobots@users.noreply.github.com>
Date: Thu, 18 Apr 2024 07:55:24 +0100
Subject: [PATCH 1/8] added image cleaner

Signed-off-by: PixelRobots <22979170+PixelRobots@users.noreply.github.com>
---
 .../managed-cluster/README.md                 | 23 +++++++++++++++++++
 .../managed-cluster/main.bicep                | 12 ++++++++++
 .../managed-cluster/main.json                 | 19 +++++++++++++--
 3 files changed, 52 insertions(+), 2 deletions(-)

diff --git a/avm/res/container-service/managed-cluster/README.md b/avm/res/container-service/managed-cluster/README.md
index 9c6755ddb5..b282ed116f 100644
--- a/avm/res/container-service/managed-cluster/README.md
+++ b/avm/res/container-service/managed-cluster/README.md
@@ -1516,6 +1516,7 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:<vers
 | [`enableAzureMonitorProfileMetrics`](#parameter-enableazuremonitorprofilemetrics) | bool | Whether the metric state of the kubenetes cluster is enabled. |
 | [`enableContainerInsights`](#parameter-enablecontainerinsights) | bool | Indicates if Azure Monitor Container Insights Logs Addon is enabled. |
 | [`enableDnsZoneContributorRoleAssignment`](#parameter-enablednszonecontributorroleassignment) | bool | Specifies whether assing the DNS zone contributor role to the cluster service principal. It will be ignored if `webApplicationRoutingEnabled` is set to `false` or `dnsZoneResourceId` not provided. |
+| [`enableImageCleaner`](#parameter-enableimagecleaner) | bool | Whether to enable Image Cleaner for Kubernetes. |
 | [`enableKeyvaultSecretsProvider`](#parameter-enablekeyvaultsecretsprovider) | bool | Specifies whether the KeyvaultSecretsProvider add-on is enabled or not. |
 | [`enableOidcIssuerProfile`](#parameter-enableoidcissuerprofile) | bool | Whether the The OIDC issuer profile of the Managed Cluster is enabled. |
 | [`enablePodSecurityPolicy`](#parameter-enablepodsecuritypolicy) | bool | Whether to enable Kubernetes pod security policy. Requires enabling the pod security policy feature flag on the subscription. |
@@ -1568,6 +1569,12 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:<vers
 | [`tags`](#parameter-tags) | object | Tags of the resource. |
 | [`webApplicationRoutingEnabled`](#parameter-webapplicationroutingenabled) | bool | Specifies whether the webApplicationRoutingEnabled add-on is enabled or not. |
 
+**Optional The interval in hours Image Cleaner will run parameters**
+
+| Parameter | Type | Description |
+| :-- | :-- | :-- |
+| [`imageCleanerIntervalHours`](#parameter-imagecleanerintervalhours) | int | Defaults 120, 5 days. |
+
 ### Parameter: `name`
 
 Specifies the name of the AKS cluster.
@@ -2542,6 +2549,14 @@ Specifies whether assing the DNS zone contributor role to the cluster service pr
 - Type: bool
 - Default: `True`
 
+### Parameter: `enableImageCleaner`
+
+Whether to enable Image Cleaner for Kubernetes.
+
+- Required: No
+- Type: bool
+- Default: `False`
+
 ### Parameter: `enableKeyvaultSecretsProvider`
 
 Specifies whether the KeyvaultSecretsProvider add-on is enabled or not.
@@ -3223,6 +3238,14 @@ Specifies whether the webApplicationRoutingEnabled add-on is enabled or not.
 - Type: bool
 - Default: `False`
 
+### Parameter: `imageCleanerIntervalHours`
+
+Defaults 120, 5 days.
+
+- Required: No
+- Type: int
+- Default: `120`
+
 
 ## Outputs
 
diff --git a/avm/res/container-service/managed-cluster/main.bicep b/avm/res/container-service/managed-cluster/main.bicep
index d8ffe6bc8f..f06940f79a 100644
--- a/avm/res/container-service/managed-cluster/main.bicep
+++ b/avm/res/container-service/managed-cluster/main.bicep
@@ -294,6 +294,12 @@ param enableWorkloadIdentity bool = false
 @description('Optional. Whether to enable Azure Defender.')
 param enableAzureDefender bool = false
 
+@description('Optional. Whether to enable Image Cleaner for Kubernetes.')
+param enableImageCleaner bool = false
+
+@description('Optional The interval in hours Image Cleaner will run. Defaults 120, 5 days.')
+param imageCleanerIntervalHours int = 120
+
 @description('Optional. Whether to enable Kubernetes pod security policy. Requires enabling the pod security policy feature flag on the subscription.')
 param enablePodSecurityPolicy bool = false
 
@@ -710,6 +716,12 @@ resource managedCluster 'Microsoft.ContainerService/managedClusters@2023-07-02-p
             enabled: enableWorkloadIdentity
           }
         : null
+      imageCleaner: enableImageCleaner
+        ? {
+            enabled: enableImageCleaner
+            intervalHours: imageCleanerIntervalHours
+          }
+        : null
     }
     storageProfile: {
       blobCSIDriver: {
diff --git a/avm/res/container-service/managed-cluster/main.json b/avm/res/container-service/managed-cluster/main.json
index b8fc5076be..33e0dd7d58 100644
--- a/avm/res/container-service/managed-cluster/main.json
+++ b/avm/res/container-service/managed-cluster/main.json
@@ -6,7 +6,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.26.54.24096",
-      "templateHash": "4896491646814133286"
+      "templateHash": "15989375192995835398"
     },
     "name": "Azure Kubernetes Service (AKS) Managed Clusters",
     "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster.",
@@ -1252,6 +1252,20 @@
         "description": "Optional. Whether to enable Azure Defender."
       }
     },
+    "enableImageCleaner": {
+      "type": "bool",
+      "defaultValue": false,
+      "metadata": {
+        "description": "Optional. Whether to enable Image Cleaner for Kubernetes."
+      }
+    },
+    "imageCleanerIntervalHours": {
+      "type": "int",
+      "defaultValue": 120,
+      "metadata": {
+        "description": "Optional The interval in hours Image Cleaner will run. Defaults 120, 5 days."
+      }
+    },
     "enablePodSecurityPolicy": {
       "type": "bool",
       "defaultValue": false,
@@ -1626,7 +1640,8 @@
         },
         "securityProfile": {
           "defender": "[if(parameters('enableAzureDefender'), createObject('securityMonitoring', createObject('enabled', parameters('enableAzureDefender')), 'logAnalyticsWorkspaceResourceId', parameters('monitoringWorkspaceId')), null())]",
-          "workloadIdentity": "[if(parameters('enableWorkloadIdentity'), createObject('enabled', parameters('enableWorkloadIdentity')), null())]"
+          "workloadIdentity": "[if(parameters('enableWorkloadIdentity'), createObject('enabled', parameters('enableWorkloadIdentity')), null())]",
+          "imageCleaner": "[if(parameters('enableImageCleaner'), createObject('enabled', parameters('enableImageCleaner'), 'intervalHours', parameters('imageCleanerIntervalHours')), null())]"
         },
         "storageProfile": {
           "blobCSIDriver": {

From e6cd4edd7ca593a4e31217004c87b05625659437 Mon Sep 17 00:00:00 2001
From: PixelRobots <22979170+PixelRobots@users.noreply.github.com>
Date: Thu, 18 Apr 2024 08:47:27 +0100
Subject: [PATCH 2/8] fix pester issue

Signed-off-by: PixelRobots <22979170+PixelRobots@users.noreply.github.com>
---
 .../managed-cluster/README.md                 | 23 ++++++++-----------
 .../managed-cluster/main.bicep                |  2 +-
 .../managed-cluster/main.json                 |  4 ++--
 3 files changed, 12 insertions(+), 17 deletions(-)

diff --git a/avm/res/container-service/managed-cluster/README.md b/avm/res/container-service/managed-cluster/README.md
index b282ed116f..7e2f7d8bf5 100644
--- a/avm/res/container-service/managed-cluster/README.md
+++ b/avm/res/container-service/managed-cluster/README.md
@@ -1535,6 +1535,7 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:<vers
 | [`httpApplicationRoutingEnabled`](#parameter-httpapplicationroutingenabled) | bool | Specifies whether the httpApplicationRouting add-on is enabled or not. |
 | [`httpProxyConfig`](#parameter-httpproxyconfig) | object | Configurations for provisioning the cluster with HTTP proxy servers. |
 | [`identityProfile`](#parameter-identityprofile) | object | Identities associated with the cluster. |
+| [`imageCleanerIntervalHours`](#parameter-imagecleanerintervalhours) | int | The interval in hours Image Cleaner will run. Defaults 120, 5 days. |
 | [`ingressApplicationGatewayEnabled`](#parameter-ingressapplicationgatewayenabled) | bool | Specifies whether the ingressApplicationGateway (AGIC) add-on is enabled or not. |
 | [`kubeDashboardEnabled`](#parameter-kubedashboardenabled) | bool | Specifies whether the kubeDashboard add-on is enabled or not. |
 | [`kubernetesVersion`](#parameter-kubernetesversion) | string | Version of Kubernetes specified when creating the managed cluster. |
@@ -1569,12 +1570,6 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:<vers
 | [`tags`](#parameter-tags) | object | Tags of the resource. |
 | [`webApplicationRoutingEnabled`](#parameter-webapplicationroutingenabled) | bool | Specifies whether the webApplicationRoutingEnabled add-on is enabled or not. |
 
-**Optional The interval in hours Image Cleaner will run parameters**
-
-| Parameter | Type | Description |
-| :-- | :-- | :-- |
-| [`imageCleanerIntervalHours`](#parameter-imagecleanerintervalhours) | int | Defaults 120, 5 days. |
-
 ### Parameter: `name`
 
 Specifies the name of the AKS cluster.
@@ -2792,6 +2787,14 @@ Identities associated with the cluster.
 - Required: No
 - Type: object
 
+### Parameter: `imageCleanerIntervalHours`
+
+The interval in hours Image Cleaner will run. Defaults 120, 5 days.
+
+- Required: No
+- Type: int
+- Default: `120`
+
 ### Parameter: `ingressApplicationGatewayEnabled`
 
 Specifies whether the ingressApplicationGateway (AGIC) add-on is enabled or not.
@@ -3238,14 +3241,6 @@ Specifies whether the webApplicationRoutingEnabled add-on is enabled or not.
 - Type: bool
 - Default: `False`
 
-### Parameter: `imageCleanerIntervalHours`
-
-Defaults 120, 5 days.
-
-- Required: No
-- Type: int
-- Default: `120`
-
 
 ## Outputs
 
diff --git a/avm/res/container-service/managed-cluster/main.bicep b/avm/res/container-service/managed-cluster/main.bicep
index f06940f79a..e7f810f933 100644
--- a/avm/res/container-service/managed-cluster/main.bicep
+++ b/avm/res/container-service/managed-cluster/main.bicep
@@ -297,7 +297,7 @@ param enableAzureDefender bool = false
 @description('Optional. Whether to enable Image Cleaner for Kubernetes.')
 param enableImageCleaner bool = false
 
-@description('Optional The interval in hours Image Cleaner will run. Defaults 120, 5 days.')
+@description('Optional. The interval in hours Image Cleaner will run. Defaults 120, 5 days.')
 param imageCleanerIntervalHours int = 120
 
 @description('Optional. Whether to enable Kubernetes pod security policy. Requires enabling the pod security policy feature flag on the subscription.')
diff --git a/avm/res/container-service/managed-cluster/main.json b/avm/res/container-service/managed-cluster/main.json
index 33e0dd7d58..e140efa512 100644
--- a/avm/res/container-service/managed-cluster/main.json
+++ b/avm/res/container-service/managed-cluster/main.json
@@ -6,7 +6,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.26.54.24096",
-      "templateHash": "15989375192995835398"
+      "templateHash": "10969298207545891085"
     },
     "name": "Azure Kubernetes Service (AKS) Managed Clusters",
     "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster.",
@@ -1263,7 +1263,7 @@
       "type": "int",
       "defaultValue": 120,
       "metadata": {
-        "description": "Optional The interval in hours Image Cleaner will run. Defaults 120, 5 days."
+        "description": "Optional. The interval in hours Image Cleaner will run. Defaults 120, 5 days."
       }
     },
     "enablePodSecurityPolicy": {

From a6b98f52960e0453963ad12337d8e24b222a83b0 Mon Sep 17 00:00:00 2001
From: PixelRobots <22979170+PixelRobots@users.noreply.github.com>
Date: Thu, 18 Apr 2024 09:21:03 +0100
Subject: [PATCH 3/8] re ran set-svmmodule

Signed-off-by: PixelRobots <22979170+PixelRobots@users.noreply.github.com>
---
 avm/res/container-service/managed-cluster/main.json | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/avm/res/container-service/managed-cluster/main.json b/avm/res/container-service/managed-cluster/main.json
index ab353d982e..9e6e9642bd 100644
--- a/avm/res/container-service/managed-cluster/main.json
+++ b/avm/res/container-service/managed-cluster/main.json
@@ -5,8 +5,8 @@
   "metadata": {
     "_generator": {
       "name": "bicep",
-      "version": "0.26.54.24096",
-      "templateHash": "10969298207545891085"
+      "version": "0.26.170.59819",
+      "templateHash": "7647899051970012853"
     },
     "name": "Azure Kubernetes Service (AKS) Managed Clusters",
     "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster.",
@@ -1902,8 +1902,8 @@
           "metadata": {
             "_generator": {
               "name": "bicep",
-              "version": "0.26.54.24096",
-              "templateHash": "8772299678418708256"
+              "version": "0.26.170.59819",
+              "templateHash": "4264461851737541966"
             },
             "name": "Azure Kubernetes Service (AKS) Managed Cluster Agent Pools",
             "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster Agent Pool.",

From 67dfd46ccbe2ea3c61282e387756b9d4106f243b Mon Sep 17 00:00:00 2001
From: Richard Hooper <littlehoops@gmail.com>
Date: Fri, 19 Apr 2024 08:08:01 +0100
Subject: [PATCH 4/8] Update
 avm/res/container-service/managed-cluster/main.bicep

Co-authored-by: Ilhaan Rasheed <ilhaan@users.noreply.github.com>
---
 avm/res/container-service/managed-cluster/main.bicep | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/avm/res/container-service/managed-cluster/main.bicep b/avm/res/container-service/managed-cluster/main.bicep
index 5acfef6348..b7ff5bf52a 100644
--- a/avm/res/container-service/managed-cluster/main.bicep
+++ b/avm/res/container-service/managed-cluster/main.bicep
@@ -300,8 +300,8 @@ param enableAzureDefender bool = false
 @description('Optional. Whether to enable Image Cleaner for Kubernetes.')
 param enableImageCleaner bool = false
 
-@description('Optional. The interval in hours Image Cleaner will run. Defaults 120, 5 days.')
-param imageCleanerIntervalHours int = 120
+@description('Optional. The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months')
+param imageCleanerIntervalHours int = 24
 
 @description('Optional. Whether to enable Kubernetes pod security policy. Requires enabling the pod security policy feature flag on the subscription.')
 param enablePodSecurityPolicy bool = false

From e9ec0fe260d2dd09ec39a783430a41f31e82bafe Mon Sep 17 00:00:00 2001
From: PixelRobots <22979170+PixelRobots@users.noreply.github.com>
Date: Fri, 19 Apr 2024 08:10:23 +0100
Subject: [PATCH 5/8] Update imageCleanerIntervalHours parameter description in
 managed-cluster README.md

Signed-off-by: PixelRobots <22979170+PixelRobots@users.noreply.github.com>
---
 avm/res/container-service/managed-cluster/README.md | 6 +++---
 avm/res/container-service/managed-cluster/main.json | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/avm/res/container-service/managed-cluster/README.md b/avm/res/container-service/managed-cluster/README.md
index 7f43fc1278..68c10879fd 100644
--- a/avm/res/container-service/managed-cluster/README.md
+++ b/avm/res/container-service/managed-cluster/README.md
@@ -1536,7 +1536,7 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:<vers
 | [`httpApplicationRoutingEnabled`](#parameter-httpapplicationroutingenabled) | bool | Specifies whether the httpApplicationRouting add-on is enabled or not. |
 | [`httpProxyConfig`](#parameter-httpproxyconfig) | object | Configurations for provisioning the cluster with HTTP proxy servers. |
 | [`identityProfile`](#parameter-identityprofile) | object | Identities associated with the cluster. |
-| [`imageCleanerIntervalHours`](#parameter-imagecleanerintervalhours) | int | The interval in hours Image Cleaner will run. Defaults 120, 5 days. |
+| [`imageCleanerIntervalHours`](#parameter-imagecleanerintervalhours) | int | The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months |
 | [`ingressApplicationGatewayEnabled`](#parameter-ingressapplicationgatewayenabled) | bool | Specifies whether the ingressApplicationGateway (AGIC) add-on is enabled or not. |
 | [`kubeDashboardEnabled`](#parameter-kubedashboardenabled) | bool | Specifies whether the kubeDashboard add-on is enabled or not. |
 | [`kubernetesVersion`](#parameter-kubernetesversion) | string | Version of Kubernetes specified when creating the managed cluster. |
@@ -2798,11 +2798,11 @@ Identities associated with the cluster.
 
 ### Parameter: `imageCleanerIntervalHours`
 
-The interval in hours Image Cleaner will run. Defaults 120, 5 days.
+The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months
 
 - Required: No
 - Type: int
-- Default: `120`
+- Default: `24`
 
 ### Parameter: `ingressApplicationGatewayEnabled`
 
diff --git a/avm/res/container-service/managed-cluster/main.json b/avm/res/container-service/managed-cluster/main.json
index 9e6e9642bd..21a74d818f 100644
--- a/avm/res/container-service/managed-cluster/main.json
+++ b/avm/res/container-service/managed-cluster/main.json
@@ -6,7 +6,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.26.170.59819",
-      "templateHash": "7647899051970012853"
+      "templateHash": "6083779461849252508"
     },
     "name": "Azure Kubernetes Service (AKS) Managed Clusters",
     "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster.",
@@ -1268,9 +1268,9 @@
     },
     "imageCleanerIntervalHours": {
       "type": "int",
-      "defaultValue": 120,
+      "defaultValue": 24,
       "metadata": {
-        "description": "Optional. The interval in hours Image Cleaner will run. Defaults 120, 5 days."
+        "description": "Optional. The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months"
       }
     },
     "enablePodSecurityPolicy": {

From f1a8e4e1b575b300eb974cacd67d0f8bf8661bce Mon Sep 17 00:00:00 2001
From: PixelRobots <22979170+PixelRobots@users.noreply.github.com>
Date: Fri, 19 Apr 2024 08:11:44 +0100
Subject: [PATCH 6/8] Update imageCleanerIntervalHours parameter description in
 managed-cluster README.md

Signed-off-by: PixelRobots <22979170+PixelRobots@users.noreply.github.com>
---
 avm/res/container-service/managed-cluster/README.md  | 4 ++--
 avm/res/container-service/managed-cluster/main.bicep | 2 +-
 avm/res/container-service/managed-cluster/main.json  | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/avm/res/container-service/managed-cluster/README.md b/avm/res/container-service/managed-cluster/README.md
index 68c10879fd..8f4e377c6b 100644
--- a/avm/res/container-service/managed-cluster/README.md
+++ b/avm/res/container-service/managed-cluster/README.md
@@ -1536,7 +1536,7 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:<vers
 | [`httpApplicationRoutingEnabled`](#parameter-httpapplicationroutingenabled) | bool | Specifies whether the httpApplicationRouting add-on is enabled or not. |
 | [`httpProxyConfig`](#parameter-httpproxyconfig) | object | Configurations for provisioning the cluster with HTTP proxy servers. |
 | [`identityProfile`](#parameter-identityprofile) | object | Identities associated with the cluster. |
-| [`imageCleanerIntervalHours`](#parameter-imagecleanerintervalhours) | int | The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months |
+| [`imageCleanerIntervalHours`](#parameter-imagecleanerintervalhours) | int | The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months. |
 | [`ingressApplicationGatewayEnabled`](#parameter-ingressapplicationgatewayenabled) | bool | Specifies whether the ingressApplicationGateway (AGIC) add-on is enabled or not. |
 | [`kubeDashboardEnabled`](#parameter-kubedashboardenabled) | bool | Specifies whether the kubeDashboard add-on is enabled or not. |
 | [`kubernetesVersion`](#parameter-kubernetesversion) | string | Version of Kubernetes specified when creating the managed cluster. |
@@ -2798,7 +2798,7 @@ Identities associated with the cluster.
 
 ### Parameter: `imageCleanerIntervalHours`
 
-The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months
+The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months.
 
 - Required: No
 - Type: int
diff --git a/avm/res/container-service/managed-cluster/main.bicep b/avm/res/container-service/managed-cluster/main.bicep
index b7ff5bf52a..0f8178ea3c 100644
--- a/avm/res/container-service/managed-cluster/main.bicep
+++ b/avm/res/container-service/managed-cluster/main.bicep
@@ -300,7 +300,7 @@ param enableAzureDefender bool = false
 @description('Optional. Whether to enable Image Cleaner for Kubernetes.')
 param enableImageCleaner bool = false
 
-@description('Optional. The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months')
+@description('Optional. The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months.')
 param imageCleanerIntervalHours int = 24
 
 @description('Optional. Whether to enable Kubernetes pod security policy. Requires enabling the pod security policy feature flag on the subscription.')
diff --git a/avm/res/container-service/managed-cluster/main.json b/avm/res/container-service/managed-cluster/main.json
index 21a74d818f..6e062f8dfa 100644
--- a/avm/res/container-service/managed-cluster/main.json
+++ b/avm/res/container-service/managed-cluster/main.json
@@ -6,7 +6,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.26.170.59819",
-      "templateHash": "6083779461849252508"
+      "templateHash": "10639713915689427723"
     },
     "name": "Azure Kubernetes Service (AKS) Managed Clusters",
     "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster.",
@@ -1270,7 +1270,7 @@
       "type": "int",
       "defaultValue": 24,
       "metadata": {
-        "description": "Optional. The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months"
+        "description": "Optional. The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months."
       }
     },
     "enablePodSecurityPolicy": {

From d741f4ad3582ef81c913eeb380bf1d92eac63a1c Mon Sep 17 00:00:00 2001
From: Richard Hooper <littlehoops@gmail.com>
Date: Mon, 22 Apr 2024 20:24:57 +0100
Subject: [PATCH 7/8] Update
 avm/res/container-service/managed-cluster/main.bicep

Co-authored-by: Alexander Sehr <ASehr@hotmail.de>
---
 avm/res/container-service/managed-cluster/main.bicep | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/avm/res/container-service/managed-cluster/main.bicep b/avm/res/container-service/managed-cluster/main.bicep
index 7bdbd6e4dc..1f5b0c1fc1 100644
--- a/avm/res/container-service/managed-cluster/main.bicep
+++ b/avm/res/container-service/managed-cluster/main.bicep
@@ -307,7 +307,8 @@ param enableAzureDefender bool = false
 @description('Optional. Whether to enable Image Cleaner for Kubernetes.')
 param enableImageCleaner bool = false
 
-@description('Optional. The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months.')
+@description('Optional. The interval in hours Image Cleaner will run. The maximum value is three months.')
+@minValue(24)
 param imageCleanerIntervalHours int = 24
 
 @description('Optional. Whether to enable Kubernetes pod security policy. Requires enabling the pod security policy feature flag on the subscription.')

From c9006ab33fc0d4c21538fbba47df838c86f57a79 Mon Sep 17 00:00:00 2001
From: PixelRobots <22979170+PixelRobots@users.noreply.github.com>
Date: Tue, 23 Apr 2024 08:07:41 +0100
Subject: [PATCH 8/8] Update imageCleanerIntervalHours description in README.md
 and main.json

Signed-off-by: PixelRobots <22979170+PixelRobots@users.noreply.github.com>
---
 avm/res/container-service/managed-cluster/README.md | 4 ++--
 avm/res/container-service/managed-cluster/main.json | 5 +++--
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/avm/res/container-service/managed-cluster/README.md b/avm/res/container-service/managed-cluster/README.md
index bd83c1451d..2c6fc4b762 100644
--- a/avm/res/container-service/managed-cluster/README.md
+++ b/avm/res/container-service/managed-cluster/README.md
@@ -1513,7 +1513,7 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:<vers
 | [`httpApplicationRoutingEnabled`](#parameter-httpapplicationroutingenabled) | bool | Specifies whether the httpApplicationRouting add-on is enabled or not. |
 | [`httpProxyConfig`](#parameter-httpproxyconfig) | object | Configurations for provisioning the cluster with HTTP proxy servers. |
 | [`identityProfile`](#parameter-identityprofile) | object | Identities associated with the cluster. |
-| [`imageCleanerIntervalHours`](#parameter-imagecleanerintervalhours) | int | The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months. |
+| [`imageCleanerIntervalHours`](#parameter-imagecleanerintervalhours) | int | The interval in hours Image Cleaner will run. The maximum value is three months. |
 | [`ingressApplicationGatewayEnabled`](#parameter-ingressapplicationgatewayenabled) | bool | Specifies whether the ingressApplicationGateway (AGIC) add-on is enabled or not. |
 | [`kedaAddon`](#parameter-kedaaddon) | bool | Enables Kubernetes Event-driven Autoscaling (KEDA). |
 | [`kubeDashboardEnabled`](#parameter-kubedashboardenabled) | bool | Specifies whether the kubeDashboard add-on is enabled or not. |
@@ -2791,7 +2791,7 @@ Identities associated with the cluster.
 
 ### Parameter: `imageCleanerIntervalHours`
 
-The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months.
+The interval in hours Image Cleaner will run. The maximum value is three months.
 
 - Required: No
 - Type: int
diff --git a/avm/res/container-service/managed-cluster/main.json b/avm/res/container-service/managed-cluster/main.json
index ec56407f9c..b2aabaacf2 100644
--- a/avm/res/container-service/managed-cluster/main.json
+++ b/avm/res/container-service/managed-cluster/main.json
@@ -6,7 +6,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.26.170.59819",
-      "templateHash": "10639713915689427723"
+      "templateHash": "12963223629809121473"
     },
     "name": "Azure Kubernetes Service (AKS) Managed Clusters",
     "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster.",
@@ -1280,8 +1280,9 @@
     "imageCleanerIntervalHours": {
       "type": "int",
       "defaultValue": 24,
+      "minValue": 24,
       "metadata": {
-        "description": "Optional. The interval in hours Image Cleaner will run. Minimum value is 24 hours and maximum is three months."
+        "description": "Optional. The interval in hours Image Cleaner will run. The maximum value is three months."
       }
     },
     "enablePodSecurityPolicy": {