last sync: 2020-Jul-10 14:05:01 UTC

Azure Policy

[Deprecated]: Enforce internal load balancers in AKS

Policy DisplayName [Deprecated]: Enforce internal load balancers in AKS
Policy Id a74d8f00-2fd9-4ce4-968e-0ee1eb821698
Policy Category Kubernetes service
Policy Description This policy enforces load balancers do not have public IPs in an Azure Kubernetes Service cluster. This policy is deprecated, please visit https://aka.ms/kubepolicydoc for instructions on using new Kubernetes policies.
Policy Mode Microsoft.ContainerService.Data
Policy Type BuiltIn
Policy in Preview FALSE
Policy Deprecated True
Policy Effect Default: EnforceRegoPolicy
Allowed: (EnforceRegoPolicy,Disabled)
Roles used none
Policy Changes
Date/Time (UTC ymd) (i) Change Change detail
2020-06-01 18:36:18 change: DisplayName previous DisplayName: [Limited Preview]: [AKS] Enforce internal load balancers in AKS
2019-11-12 19:11:12 change: DisplayName previous DisplayName: [Limited Preview]: Enforce internal load balancers in AKS
Used in Policy Initiative(s) none
Policy Rule
{
  "properties": {
  "displayName": "[Deprecated]: Enforce internal load balancers in AKS",
    "policyType": "BuiltIn",
    "mode": "Microsoft.ContainerService.Data",
    "description": "This policy enforces load balancers do not have public IPs in an Azure Kubernetes Service cluster. This policy is deprecated, please visit https://aka.ms/kubepolicydoc for instructions on using new Kubernetes policies.",
    "metadata": {
      "version": "1.0.1-deprecated",
      "category": "Kubernetes service",
      "deprecated": true
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "EnforceRegoPolicy",
          "Disabled"
        ],
        "defaultValue": "EnforceRegoPolicy"
      }
    },
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.ContainerService/managedClusters"
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "policyId": "LoadBalancersInternal",
          "policy": "https://raw.githubusercontent.com/Azure/azure-policy/master/built-in-references/KubernetesService/loadbalancer-no-publicips/limited-preview/gatekeeperpolicy.rego"
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/a74d8f00-2fd9-4ce4-968e-0ee1eb821698",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "a74d8f00-2fd9-4ce4-968e-0ee1eb821698"
}