AzPolicyAdvertizer

last sync: 2024-Jul-26 18:17:39 UTC

[Preview]: Deploy Image Integrity on Azure Kubernetes Service

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

[Preview]: Deploy Image Integrity on Azure Kubernetes Service

5dc99dae-cfb2-42cc-8762-9aae02b74e27

Version

1.0.5-preview
Details on versioning

Category

Kubernetes
Microsoft Learn

Description

Deploy both Image Integrity and Policy Add-Ons Azure Kubernetes clusters. For more info, visit https://aka.ms/aks/image-integrity

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Azure Kubernetes Service Contributor Role	ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8
Azure Kubernetes Service Policy Add-on Deployment	18ed5180-3e48-46fd-8541-4ea054d57064

Rule aliases

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.ContainerService/managedClusters/securityProfile.imageIntegrity.enabled	Microsoft.ContainerService	managedClusters	properties.securityProfile.imageIntegrity.enabled	True		False

Rule resource types

IF (1)
Microsoft.ContainerService/managedClusters
THEN-Deployment (2)
Microsoft.ContainerService/managedClusters
Microsoft.Resources/deployments

Compliance

Not a Compliance control

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Preview]: Use Image Integrity to ensure only trusted images are deployed	af28bf8b-c669-4dd3-9137-1e68fdc61bd6	Kubernetes	Preview	BuiltIn

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-11-08 19:40:08	change	Patch, suffix remains equal (1.0.4-preview > 1.0.5-preview)
2023-10-31 19:02:40	change	Patch, suffix remains equal (1.0.3-preview > 1.0.4-preview)
2023-10-23 17:41:36	change	Patch, suffix remains equal (1.0.1-preview > 1.0.3-preview)
2023-10-16 18:01:34	change	Patch, suffix remains equal (1.0.0-preview > 1.0.1-preview)
2023-09-01 18:00:13	add	5dc99dae-cfb2-42cc-8762-9aae02b74e27

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC