last sync: 2020-Oct-30 14:31:57 UTC

Azure Policy definition

[Deprecated]: Enforce internal load balancers in AKS

Name [Deprecated]: Enforce internal load balancers in AKS
Azure Portal
Id a74d8f00-2fd9-4ce4-968e-0ee1eb821698
Version 1.0.1-deprecated
details on versioning
Category Kubernetes service
Microsoft docs
Description This policy enforces load balancers do not have public IPs in an Azure Kubernetes Service cluster. This policy is deprecated, please visit https://aka.ms/kubepolicydoc for instructions on using new Kubernetes policies.
Mode Microsoft.ContainerService.Data
Type BuiltIn
Preview FALSE
Deprecated True
Effect Default: EnforceRegoPolicy
Allowed: (EnforceRegoPolicy, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2020-06-01 18:36:18 change Previous DisplayName: [Limited Preview]: [AKS] Enforce internal load balancers in AKS
2019-11-12 19:11:12 change Previous DisplayName: [Limited Preview]: Enforce internal load balancers in AKS
Used in Initiatives none
Json
{
  "properties": {
  "displayName": "[Deprecated]: Enforce internal load balancers in AKS",
    "policyType": "BuiltIn",
    "mode": "Microsoft.ContainerService.Data",
    "description": "This policy enforces load balancers do not have public IPs in an Azure Kubernetes Service cluster. This policy is deprecated, please visit https://aka.ms/kubepolicydoc for instructions on using new Kubernetes policies.",
    "metadata": {
      "version": "1.0.1-deprecated",
      "category": "Kubernetes service",
      "deprecated": true
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "EnforceRegoPolicy",
          "Disabled"
        ],
        "defaultValue": "EnforceRegoPolicy"
      }
    },
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.ContainerService/managedClusters"
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "policyId": "LoadBalancersInternal",
          "policy": "https://raw.githubusercontent.com/Azure/azure-policy/master/built-in-references/KubernetesService/loadbalancer-no-publicips/limited-preview/gatekeeperpolicy.rego"
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/a74d8f00-2fd9-4ce4-968e-0ee1eb821698",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "a74d8f00-2fd9-4ce4-968e-0ee1eb821698"
}