AzPolicyAdvertizer

last sync: 2025-Jul-14 17:22:48 UTC

[Deprecated]: Kubernetes cluster containers should only listen on allowed ports

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

[Deprecated]: Kubernetes cluster containers should only listen on allowed ports

440b515e-a580-421e-abeb-b159a61ddcbc

Version

6.2.0-deprecated
Details on versioning

Versioning

Versions supported for Versioning: 1
6.2.0 (6.2.0-deprecated)
Built-in Versioning [Preview]

Category

Kubernetes
Microsoft Learn

Description

Restrict containers to listen only on allowed ports to secure access to the Kubernetes cluster. The policy is deprecating since container port is only informative field which cannot decide the port container is actually using. For more information, see https://aka.ms/kubepolicydoc.

Cloud environments

AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown

Available in AzUSGov

The Policy is available in AzureUSGovernment cloud. Version: '6.2.0-deprecated'
Repository: Azure-Policy 440b515e-a580-421e-abeb-b159a61ddcbc

Mode

Microsoft.Kubernetes.Data

Type

BuiltIn

Preview

False

Deprecated

True

Effect

Default
Deny
Allowed
audit, Audit, deny, Deny, disabled, Disabled

RBAC role(s)

none

Rule aliases

none

Rule resource types

IF (2)

Microsoft.ContainerService/managedClusters
Microsoft.Kubernetes/connectedClusters

Compliance

Not a Compliance control

Initiatives usage

none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2022-04-01 20:29:14	change	Minor, suffix remains equal (6.1.3-deprecated > 6.2.0-deprecated)
2022-01-07 18:14:35	change	Patch, new suffix: deprecated (6.1.2 > 6.1.3-deprecated)
2021-12-06 22:17:57	change	Patch (6.1.1 > 6.1.2)
2021-06-08 15:17:13	change	Patch (6.1.0 > 6.1.1)
2021-03-09 14:37:41	change	Minor (6.0.0 > 6.1.0)
2021-03-02 15:11:40	change	Major (5.0.1 > 6.0.0)
2020-12-11 15:42:52	change	Major (4.0.1 > 5.0.1)
2020-09-15 14:06:41	change	Previous DisplayName: [Preview]: Ensure containers listen only on allowed ports in Kubernetes cluster
2020-04-23 15:06:19	change	Previous DisplayName: [Preview]: [AKS Engine] Ensure containers listen only on allowed ports in Kubernetes cluster
2019-10-29 23:04:36	add	440b515e-a580-421e-abeb-b159a61ddcbc

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC