last sync: 2022-Sep-30 16:34:23 UTC

Azure Policy definition

Azure Kubernetes Service Clusters should disable Command Invoke

Name Azure Kubernetes Service Clusters should disable Command Invoke
Azure Portal
Id 89f2d532-c53c-4f8f-9afa-4927b1114a0d
Version 1.0.0
details on versioning
Category Kubernetes
Microsoft docs
Description Disabling command invoke can enhance the security by avoiding bypass of restricted network access or Kubernetes role-based access control
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Disabled)
Used RBAC Role none
Rule Aliases IF (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.ContainerService/managedClusters/apiServerAccessProfile.disableRunCommand Microsoft.ContainerService managedClusters properties.apiServerAccessProfile.disableRunCommand false
Rule ResourceTypes IF (1)
Date/Time (UTC ymd) (i) Change type Change detail
2022-04-01 20:29:14 add 89f2d532-c53c-4f8f-9afa-4927b1114a0d
Used in Initiatives none