last sync: 2022-Sep-27 16:35:32 UTC

Azure Policy definition

Azure Kubernetes Service clusters should have Defender profile enabled

Name Azure Kubernetes Service clusters should have Defender profile enabled
Id a1840de2-8088-4ea8-b153-b4c723e9cb01
Version 2.0.0
Category Kubernetes
Description Microsoft Defender for Containers provides cloud-native Kubernetes security capabilities including environment hardening, workload protection, and run-time protection. When you enable the SecurityProfile.AzureDefender on your Azure Kubernetes Service cluster, an agent is deployed to your cluster to collect security event data. Learn more about Microsoft Defender for Containers in https://docs.microsoft.com/azure/defender-for-cloud/defender-for-containers-introduction?tabs=defender-for-container-arch-aks
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Disabled)
Used RBAC Role none
Rule Aliases IF (1)
Alias | Namespace | ResourceType | DefaultPath | Modifiable
Microsoft.ContainerService/managedClusters/securityProfile.defender.securityMonitoring.enabled | Microsoft.ContainerService | managedClusters | properties.securityProfile.defender.securityMonitoring.enabled | false
Rule ResourceTypes IF (1)
Microsoft.ContainerService/managedClusters
History
Date/Time (UTC ymd) | Change type | Change detail
2022-07-26 16:32:46 | change | Major (1.0.3 > 2.0.0)
2022-06-24 19:15:47 | change | Patch, old suffix: preview (1.0.2-preview > 1.0.3)
2022-03-11 18:16:48 | change | Patch, suffix remains equal (1.0.1-preview > 1.0.2-preview)
2021-11-12 16:23:07 | change | Patch, suffix remains equal (1.0.0-preview > 1.0.1-preview)
2021-08-23 14:26:16 | add | a1840de2-8088-4ea8-b153-b4c723e9cb01
Used in Initiatives
Initiative DisplayName | Initiative Id | Initiative Category | State | Type
[Preview]: Reserve Bank of India - IT Framework for NBFC | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | Regulatory Compliance | Preview | BuiltIn
Azure Security Benchmark | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Security Center | GA | BuiltIn
SOC 2 Type 2 | 4054785f-702b-4a98-9215-009cbd58b141 | Regulatory Compliance | GA | BuiltIn