last sync: 2023-Sep-26 18:00:51 UTC

Azure Policy definition

Configure AAD integrated Azure Kubernetes Service Clusters with required Admin Group Access

Source Azure Portal
Display name Configure AAD integrated Azure Kubernetes Service Clusters with required Admin Group Access
Id 36a27de4-199b-40fb-b336-945a8475d6c5
Version 2.0.1
Category Kubernetes
Description Ensure to improve cluster security by centrally govern Administrator access to Azure Active Directory integrated AKS clusters.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect
Default: DeployIfNotExists
Allowed: DeployIfNotExists, Disabled
RBAC role(s)
Role Name: Azure Kubernetes Service Contributor Role
Role Id: ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8
Role Name: Azure Kubernetes Service Policy Add-on Deployment
Role Id: 18ed5180-3e48-46fd-8541-4ea054d57064
Rule aliases
IF (1)
Alias: Microsoft.ContainerService/managedClusters/aadProfile
Namespace: Microsoft.ContainerService
ResourceType: managedClusters
DefaultPath: properties.aadProfile
Modifiable: false
THEN-ExistenceCondition (1)
Alias: Microsoft.ContainerService/managedClusters/aadProfile.adminGroupObjectIDs[*]
Namespace: Microsoft.ContainerService
ResourceType: managedClusters
DefaultPath: properties.aadProfile.adminGroupObjectIDs[*]
Modifiable: true
Rule resource types
IF (1)
Microsoft.ContainerService/managedClusters
THEN-Deployment (2)
Microsoft.ContainerService/managedClusters
Microsoft.Resources/deployments
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) | Change type | Change detail
2022-10-21 16:42:13 change Patch (2.0.0 > 2.0.1)
2022-03-11 18:16:48 change Major (1.0.0 > 2.0.0)
2021-12-06 22:17:57 add 36a27de4-199b-40fb-b336-945a8475d6c5
JSON
api-version=2021-06-01