Name | [Preview]: Configure Azure Kubernetes Service clusters to enable Defender profile Azure Portal |
|||||||||||||||||||||
Id | 64def556-fbad-4622-930e-72d1d5589bf5 | |||||||||||||||||||||
Version | 3.0.3-preview details on versioning |
|||||||||||||||||||||
Category | Kubernetes Microsoft docs |
|||||||||||||||||||||
Description | Microsoft Defender for Containers provides cloud-native Kubernetes security capabilities including environment hardening, workload protection, and run-time protection. When you enable the SecurityProfile.AzureDefender on your Azure Kubernetes Service cluster, an agent is deployed to your cluster to collect security event data. Learn more about Microsoft Defender for Containers: https://docs.microsoft.com/azure/defender-for-cloud/defender-for-containers-introduction?tabs=defender-for-container-arch-aks. | |||||||||||||||||||||
Mode | Indexed | |||||||||||||||||||||
Type | BuiltIn | |||||||||||||||||||||
Preview | True | |||||||||||||||||||||
Deprecated | FALSE | |||||||||||||||||||||
Effect | Default: DeployIfNotExists Allowed: (DeployIfNotExists, Disabled) |
|||||||||||||||||||||
Used RBAC Role |
|
|||||||||||||||||||||
Rule Aliases | THEN-ExistenceCondition (1)
|
|||||||||||||||||||||
Rule ResourceTypes | IF (1) Microsoft.ContainerService/managedClusters THEN-Deployment (4) Microsoft.ContainerService/ManagedClusters Microsoft.OperationalInsights/workspaces Microsoft.Resources/deployments Microsoft.Resources/resourceGroups |
|||||||||||||||||||||
History |
|
|||||||||||||||||||||
Used in Initiatives | none | |||||||||||||||||||||
JSON Changes |
|
|||||||||||||||||||||
JSON |
|