last sync: 2023-Jun-13 17:47:07 UTC

Community Policy definition

Ensure only allowed FlexVolume Drivers are used in Kubernetes Cluster

Name Ensure only allowed FlexVolume Drivers are used in Kubernetes Cluster
Community-Policy GitHub
Id kubernetes_flexvolume-drivers
Version n/a
details on versioning
Category undefined
Microsoft docs
Description This policy ensures only allowed FlexVolume Drivers are used in a Kubernetes cluster. For instructions on using this policy, please visit https://aka.ms/kubepolicydoc
Mode Microsoft.Kubernetes.Data
Type Custom Community
Effect Default
audit
Allowed
audit, deny, disabled
Used RBAC Role none
Rule Aliases
Rule ResourceTypes IF (1)
Microsoft.ContainerService/managedClusters
JSON
{6 items
  • displayName: "Ensure only allowed FlexVolume Drivers are used in Kubernetes Cluster",
  • policyType: "Custom",
  • mode: "Microsoft.Kubernetes.Data",
  • description: "This policy ensures only allowed FlexVolume Drivers are used in a Kubernetes cluster. For instructions on using this policy, please visit https://aka.ms/kubepolicydoc",
  • parameters: {3 items},
  • policyRule: {2 items
    • if: {2 items
      • field: "type",
      • in: [3 items
        • "AKS Engine",
        • "Microsoft.Kubernetes/connectedClusters",
        • "Microsoft.ContainerService/managedClusters"
        ]
      },
    • then: {2 items
      • effect: "[parameters('effect')]",
      • details: {3 items
        • constraintTemplate: "https://raw.githubusercontent.com/Azure/Community-Policy/master/Policies/Kubernetes/flexvolume-drivers/template.yaml",
        • constraint: "https://raw.githubusercontent.com/Azure/Community-Policy/master/Policies/Kubernetes/flexvolume-drivers/constraint.yaml",
        • values: {2 items
          • excludedNamespaces: "[parameters('excludedNamespaces')]",
          • allowedFlexVolumeDrivers: "[parameters('allowedFlexVolumeDrivers')]"
          }
        }
      }
    }
}