last sync: 2024-Dec-06 18:53:17 UTC

Deploy Azure Policy Add-on to Azure Kubernetes Service clusters

Azure BuiltIn Policy definition

Source Azure Portal
Display name Deploy Azure Policy Add-on to Azure Kubernetes Service clusters
Id a8eff44f-8c92-45c3-a3fb-9880802d67a7
Version 4.1.0
Details on versioning
Versioning Versions supported for Versioning: 2
4.0.1
4.1.0
Built-in Versioning [Preview]
Category Kubernetes
Microsoft Learn
Description Use Azure Policy Add-on to manage and report on the compliance state of your Azure Kubernetes Service (AKS) clusters. For more information, see https://aka.ms/akspolicydoc.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Azure Kubernetes Service Contributor Role ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8
Azure Kubernetes Service Policy Add-on Deployment 18ed5180-3e48-46fd-8541-4ea054d57064
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.ContainerService/managedClusters/addonProfiles.azurePolicy.enabled Microsoft.ContainerService managedClusters properties.addonProfiles.azurePolicy.enabled True False
Rule resource types IF (1)
Microsoft.ContainerService/managedClusters
THEN-Deployment (2)
Microsoft.ContainerService/managedClusters
Microsoft.Resources/deployments
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Deprecated]: Deploy Microsoft Defender for Cloud configuration Deploy-MDFC-Config Security Center Deprecated ALZ
[Preview]: Use Image Integrity to ensure only trusted images are deployed af28bf8b-c669-4dd3-9137-1e68fdc61bd6 Kubernetes Preview BuiltIn
Deploy Microsoft Defender for Cloud configuration Deploy-MDFC-Config_20240319 Security Center GA ALZ
Enforce recommended guardrails for Kubernetes Enforce-Guardrails-Kubernetes Kubernetes GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-03-11 18:31:50 change Minor (4.0.1 > 4.1.0)
2023-10-31 19:02:40 change Patch (4.0.0 > 4.0.1)
2022-02-18 17:44:00 change Major (3.0.0 > 4.0.0)
2021-12-06 22:17:57 change Major (2.0.0 > 3.0.0)
2021-08-30 14:27:30 change Major (1.0.0 > 2.0.0)
2020-10-20 13:29:33 add a8eff44f-8c92-45c3-a3fb-9880802d67a7
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC