last sync: 2022-Sep-23 16:35:49 UTC

Azure Policy definition

Kubernetes clusters should disable automounting API credentials

Name Kubernetes clusters should disable automounting API credentials
Azure Portal
Id 423dd1ba-798e-40e4-9c4d-b6902674b423
Version 4.0.0
details on versioning
Category Kubernetes
Microsoft docs
Description Disable automounting API credentials to prevent a potentially compromised Pod resource to run API commands against Kubernetes clusters. For more information, see https://aka.ms/kubepolicydoc.
Mode Microsoft.Kubernetes.Data
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (audit, Audit, deny, Deny, disabled, Disabled)
Used RBAC Role none
Rule Aliases
Rule ResourceTypes IF (1)
Microsoft.ContainerService/managedClusters
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-19 17:41:40 change Major (3.0.1 > 4.0.0)
2022-06-17 16:31:08 change Patch (3.0.0 > 3.0.1) *changes on text case sensitivity are not tracked
2022-06-10 16:31:21 change Major (2.1.0 > 3.0.0)
2022-04-01 20:29:14 change Minor (2.0.2 > 2.1.0)
2021-12-06 22:17:57 change Patch (2.0.1 > 2.0.2) *changes on text case sensitivity are not tracked
2021-10-04 15:27:15 change Version remains equal, old suffix: preview (2.0.1-preview > 2.0.1)
2021-09-08 15:39:57 change Patch, suffix remains equal (2.0.0-preview > 2.0.1-preview)
2021-03-02 15:11:40 change Major, suffix remains equal (1.0.0-preview > 2.0.0-preview)
2020-12-11 15:42:52 add 423dd1ba-798e-40e4-9c4d-b6902674b423
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State Type
Azure Security Benchmark 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 Security Center GA BuiltIn
New Zealand ISM Restricted v3.5 93d2179e-3068-c82f-2428-d614ae836a04 Regulatory Compliance GA BuiltIn
SOC 2 Type 2 4054785f-702b-4a98-9215-009cbd58b141 Regulatory Compliance GA BuiltIn
JSON Changes

JSON