AzPolicyAdvertizer

last sync: 2025-Jul-18 17:23:11 UTC

Azure Kubernetes Service Clusters should have local authentication methods disabled

Azure BuiltIn Policy definition

Source Azure Portal
Display name Azure Kubernetes Service Clusters should have local authentication methods disabled
Id 993c2fcd-2b29-49d2-9eb0-df2c3a730c32
Version 1.0.1
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.1
Built-in Versioning [Preview]
Category Kubernetes
Microsoft Learn
Description Disabling local authentication methods improves security by ensuring that Azure Kubernetes Service Clusters should exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/aks-disable-local-accounts.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.ContainerService/managedClusters/disableLocalAccounts Microsoft.ContainerService managedClusters properties.disableLocalAccounts True False
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
Enforce recommended guardrails for Kubernetes Enforce-Guardrails-Kubernetes Kubernetes GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-10-21 16:42:13 change Patch (1.0.0 > 1.0.1)
2021-08-09 19:32:42 add 993c2fcd-2b29-49d2-9eb0-df2c3a730c32
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC