last sync: 2022-May-23 08:52:47 UTC

Azure Policy definition

[Preview]: Azure Kubernetes Service clusters should have Defender profile enabled

Name [Preview]: Azure Kubernetes Service clusters should have Defender profile enabled
Azure Portal
Id a1840de2-8088-4ea8-b153-b4c723e9cb01
Version 1.0.2-preview
details on versioning
Category Kubernetes
Microsoft docs
Description Microsoft Defender for Containers provides cloud-native Kubernetes security capabilities including environment hardening, workload protection, and run-time protection. When you enable the SecurityProfile.AzureDefender on your Azure Kubernetes Service cluster, an agent is deployed to your cluster to collect security event data. Learn more about Microsoft Defender for Containers in https://docs.microsoft.com/azure/defender-for-cloud/defender-for-containers-introduction?tabs=defender-for-container-arch-aks
Mode Indexed
Type BuiltIn
Preview True
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Disabled)
Used RBAC Role none
Rule Aliases IF (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.ContainerService/managedClusters/securityProfile.azureDefender.enabled Microsoft.ContainerService managedClusters properties.securityProfile.azureDefender.enabled false
Rule ResourceTypes IF (1)
Microsoft.ContainerService/managedClusters
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-03-11 18:16:48 change Patch, suffix remains equal (1.0.1-preview > 1.0.2-preview)
2021-11-12 16:23:07 change Patch, suffix remains equal (1.0.0-preview > 1.0.1-preview)
2021-08-23 14:26:16 add a1840de2-8088-4ea8-b153-b4c723e9cb01
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State Type
Azure Security Benchmark 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 Security Center GA BuiltIn
JSON Changes

JSON