last sync: 2022-May-24 16:30:29 UTC

Azure Policy definition

Kubernetes clusters should disable automounting API credentials

Name Kubernetes clusters should disable automounting API credentials
Azure Portal
Id 423dd1ba-798e-40e4-9c4d-b6902674b423
Version 2.1.0
details on versioning
Category Kubernetes
Microsoft docs
Description Disable automounting API credentials to prevent a potentially compromised Pod resource to run API commands against Kubernetes clusters. For more information, see https://aka.ms/kubepolicydoc.
Mode Microsoft.Kubernetes.Data
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (audit, Audit, deny, Deny, disabled, Disabled)
Used RBAC Role none
Rule Aliases
Rule ResourceTypes IF (1)
Microsoft.ContainerService/managedClusters
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-04-01 20:29:14 change Minor (2.0.2 > 2.1.0)
2021-12-06 22:17:57 change Patch (2.0.1 > 2.0.2) *changes on text case sensitivity are not tracked
2021-10-04 15:27:15 change Version remains equal, old suffix: preview (2.0.1-preview > 2.0.1)
2021-09-08 15:39:57 change Patch, suffix remains equal (2.0.0-preview > 2.0.1-preview)
2021-03-02 15:11:40 change Major, suffix remains equal (1.0.0-preview > 2.0.0-preview)
2020-12-11 15:42:52 add 423dd1ba-798e-40e4-9c4d-b6902674b423
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State Type
Azure Security Benchmark 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 Security Center GA BuiltIn
JSON Changes

JSON