| Name | Kubernetes clusters should disable automounting API credentials Community-Policy GitHub |
||
| Id | kubernetes_block-automount-token | ||
| Version | 1.0.0-preview details on versioning |
||
| Category | Kubernetes Microsoft docs |
||
| Description | Disable automounting API credentials to prevent a potentially compromised Pod resource to run API commands against Kubernetes clusters. For instructions on using this policy, please go to https://aka.ms/kubepolicydoc. | ||
| Mode | Microsoft.Kubernetes.Data | ||
| Type | Custom Community | ||
| Effect | Default audit Allowed audit, deny, disabled |
||
| Used RBAC Role | none | ||
| Rule Aliases | |||
| Rule ResourceTypes | IF (1) Microsoft.ContainerService/managedClusters |
||
| JSON |
|